Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Remote Code Execution in MarkAny SafePC Enterprise
Vulnerability Description
An attacker can obtain server information using Path Traversal vulnerability to conduct SQL Injection, which possibly exploits Unrestricted Upload of File with Dangerous Type vulnerability in MarkAny SafePC Enterprise on Windows, Linux.This issue affects SafePC Enterprise: V7.0.* (V7.0.YYYY.MM.DD) before V7.0.1, and V5.*.*.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
Vulnerability Title
MarkAny SafePC Enterprise 安全漏洞
Vulnerability Description
MarkAny SafePC Enterprise是韩国MarkAny公司的一款端点数据防泄漏软件。 MarkAny SafePC Enterprise V7.0.1之前版本和V5.*.*版本存在安全漏洞,该漏洞源于路径遍历漏洞可能导致SQL注入,以及危险类型文件上传不受限制,可能导致服务器信息泄露。
CVSS Information
N/A
Vulnerability Type
N/A