Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Advantive VeraCore before 2024.4.2.1 allows remote authenticated users to upload files to unintended folders (e.g., ones that are accessible during web browsing by other users). upload.aspx can be used for this.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
危险类型文件的不加限制上传
Vulnerability Title
Advantive VeraCore 安全漏洞
Vulnerability Description
Advantive VeraCore是Advantive公司的一个 SaaS 订单和仓库管理软件。 Advantive VeraCore 2024.4.2.1之前版本存在安全漏洞,该漏洞源于允许远程经过身份验证的用户将文件上传到非预期文件夹。
CVSS Information
N/A
Vulnerability Type
N/A