Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
IBM Maximo Asset Management file upload
Vulnerability Description
IBM Maximo Asset Management 7.6.1.3 MXAPIASSET API is vulnerable to unrestricted file upload which allows authenticated low privileged user to upload restricted file types with a simple method of adding a dot to the end of the file name if Maximo is installed on Windows operating system.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Vulnerability Type
PHP程序中Include/Require语句包含文件控制不恰当(PHP远程文件包含)
Vulnerability Title
IBM Maximo Asset Management 安全漏洞
Vulnerability Description
IBM Maximo Asset Management是美国国际商业机器(IBM)公司的一套综合性资产生命周期和维护管理解决方案。该方案能够在一个平台上管理所有类型的资产,如设施、交通运输等,并对这些资产实现单点控制。 IBM Maximo Asset Management 7.6.1.3版本存在安全漏洞,该漏洞源于文件上传不受限制。
CVSS Information
N/A
Vulnerability Type
N/A