Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Qualitor getResumo.php eval code injection
Vulnerability Description
A security flaw has been discovered in Qualitor up to 8.20.104/8.24.97. Affected by this vulnerability is the function eval of the file /html/st/stdeslocamento/request/getResumo.php. Performing a manipulation of the argument passageiros results in code injection. Remote exploitation of the attack is possible. The exploit has been released to the public and may be used for attacks. Upgrading to version 8.20.105 and 8.24.98 addresses this issue. Upgrading the affected component is advised.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
对生成代码的控制不恰当(代码注入)
Vulnerability Title
Qualitor 代码注入漏洞
Vulnerability Description
Qualitor是Qualitor公司的一个管理服务流程和集中服务平台。 Qualitor 8.20版本和8.24版本存在代码注入漏洞,该漏洞源于文件/html/st/stdeslocamento/request/getResumo.php中参数passageiros的错误操作,可能导致代码注入攻击。
CVSS Information
N/A
Vulnerability Type
N/A