Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Ragic Enterprise Cloud Database - Arbitrary File Upload
Vulnerability Description
Enterprise Cloud Database from Ragic does not properly validate the file type for uploads. Attackers with regular privileges can upload a webshell and use it to execute arbitrary code on the remote server.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
危险类型文件的不加限制上传
Vulnerability Title
Ragic Enterprise Cloud Database 安全漏洞
Vulnerability Description
Ragic Enterprise Cloud Database是Ragic公司的一个企业云数据库。 Ragic Enterprise Cloud Database 2024/08/08 09:45:25之前版本存在安全漏洞,该漏洞源于未正确验证上传的文件类型,使得具有常规权限的攻击者可以上传webshell并使用它在远程服务器上执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A