Hamastar MeetingHub Paperless Meetings - Unrestricted Upload of File with Dangerous Type

A Unrestricted upload of file with dangerous type vulnerability in meeting management function in Hamastar MeetingHub Paperless Meetings 2021 allows remote authenticated users to perform arbitrary system commands via a crafted ASP file.

N/A

危险类型文件的不加限制上传

Hamastar MeetingHub Paperless Meetings 安全漏洞

Hamastar MeetingHub Paperless Meetings是中国哈玛星（Hamastar）公司的一个无纸化电子会议软件。 Hamastar MeetingHub Paperless Meetings 2021版本存在安全漏洞，该漏洞源于存在无限制上传文件漏洞，导致远程认证用户可以通过特制的ASP文件执行任意系统命令。

N/A

N/A