漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
Wallos <=2.38.2 has a file upload vulnerability in the restore database function, which allows unauthenticated users to restore database by uploading a ZIP file. The contents of the ZIP file are extracted on the server. This functionality enables an unauthenticated attacker to upload malicious files to the server. Once a web shell is installed, the attacker gains the ability to execute arbitrary commands.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Wallos 安全漏洞
Vulnerability Description
Wallos是Miguel Ribeiro个人开发者的一个开源个人订阅跟踪器。 Wallos 2.38.2及之前版本存在安全漏洞,该漏洞源于恢复数据库功能允许未经验证的用户上传恶意文件,可能导致执行任意命令。
CVSS Information
N/A
Vulnerability Type
N/A