Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Huang Yaoshi Pharmaceutical Management Software through 16.0 allows arbitrary file upload via a .asp filename in the fileName element of the UploadFile element in a SOAP request to /XSDService.asmx.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
危险类型文件的不加限制上传
Vulnerability Title
Huang Yaoshi Pharmaceutical Management Software 安全漏洞
Vulnerability Description
新生代 Huang Yaoshi Pharmaceutical Management Software是新生代公司的一个药品管理软件。 Huang Yaoshi Pharmaceutical Management 16.0及之前版本存在安全漏洞,该漏洞源于通过/XSDService.asmx接口上传文件时,允许任意文件上传。
CVSS Information
N/A
Vulnerability Type
N/A