Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
cld378632668 JavaMall MinioController.java upload unrestricted upload
Vulnerability Description
A vulnerability was found in cld378632668 JavaMall up to 994f1e2b019378ec9444cdf3fce2d5b5f72d28f0. This impacts the function Upload of the file src/main/java/com/macro/mall/controller/MinioController.java. The manipulation results in unrestricted upload. It is possible to launch the attack remotely. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
危险类型文件的不加限制上传
Vulnerability Title
mall 代码问题漏洞
Vulnerability Description
mall是macro个人开发者的一套电商系统,包括前台商城系统及后台管理系统。 mall 994f1e2b019378ec9444cdf3fce2d5b5f72d28f0及之前版本存在代码问题漏洞,该漏洞源于对文件src/main/java/com/macro/mall/controller/MinioController.java中函数Upload的错误操作,可能导致不受限制的上传。
CVSS Information
N/A
Vulnerability Type
N/A