Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Wallos <=2.38.2 has a file upload vulnerability in the restore database function, which allows unauthenticated users to restore database by uploading a ZIP file. The contents of the ZIP file are extracted on the server. This functionality enables an unauthenticated attacker to upload malicious files to the server. Once a web shell is installed, the attacker gains the ability to execute arbitrary commands.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Wallos 安全漏洞
Vulnerability Description
Wallos是Miguel Ribeiro个人开发者的一个开源个人订阅跟踪器。 Wallos 2.38.2及之前版本存在安全漏洞,该漏洞源于恢复数据库功能允许未经验证的用户上传恶意文件,可能导致执行任意命令。
CVSS Information
N/A
Vulnerability Type
N/A