Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Code Injection in Wyn Enterprise
Vulnerability Description
Report generation functionality in Wyn Enterprise allows for code inclusion, but not sufficiently limits what code might be included. An attacker is able use a low privileges account in order to abuse this functionality and execute malicious code, load DLL libraries and executing OS commands on a host system with applications high privileges. This issue has been fixed in version 8.0.00204.0
CVSS Information
N/A
Vulnerability Type
CWE-1336
Vulnerability Title
Wyn Enterprise 安全漏洞
Vulnerability Description
Wyn Enterprise是Wyn Enterprise公司的一个嵌入式商业智能和分析工具。 Wyn Enterprise 8.0.00204.0版本之前存在安全漏洞,该漏洞源于报告生成功能中允许包含代码,但是对被包含的代码限制不充分,可能导致操作系统命令注入。
CVSS Information
N/A
Vulnerability Type
N/A