Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Stored Cross-Site Scripting (XSS) in WinPlus by Informática del Este
Vulnerability Description
Unlimited upload vulnerability for dangerous file types in WinPlus v24.11.27 from Informática del Este. This vulnerability allows an attacker to upload a 'webshell' by sending a POST request to '/WinplusPortal/ws/sWinplus.svc/json/uploadfile'.
CVSS Information
N/A
Vulnerability Type
危险类型文件的不加限制上传
Vulnerability Title
Informática del Este WinPlus 代码问题漏洞
Vulnerability Description
Informática del Este WinPlus是西班牙Informática del Este公司的一个人力资源管理平台。 Informática del Este WinPlus v24.11.27版本存在代码问题漏洞,该漏洞源于危险文件类型上传无限制,可能导致攻击者上传webshell。
CVSS Information
N/A
Vulnerability Type
N/A