Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Unreliable data deserialization vulnerability in Mentor
Vulnerability Description
Untrusted data deserialization vulnerability has been found in Mentor - Employee Portal, affecting version 3.83.35. This vulnerability could allow an attacker to execute arbitrary code, by injecting a malicious payload into the “ViewState” field.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
可信数据的反序列化
Vulnerability Title
Mentor 代码问题漏洞
Vulnerability Description
Mentor是一个用于后端管理面板的轻量级 bootstrap 4 管理仪表板模板。 Mentor - Employee Portal 3.83.35版本存在代码问题漏洞,该漏洞源于存在不受信任的数据反序列化漏洞,允许攻击者通过注入恶意载荷执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A