Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Unrestricted File Upload Vulnerability in SAP Supplier Relationship Management
Vulnerability Description
Due to missing verification of file type or content, SAP Supplier Relationship Management allows an authenticated attacker to upload arbitrary files. These files could include executables which might be downloaded and executed by the user which could host malware. On successful exploitation an attacker could cause high impact on confidentiality, integrity and availability of the application.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
Vulnerability Type
危险类型文件的不加限制上传
Vulnerability Title
SAP Supplier Relationship Management 代码问题漏洞
Vulnerability Description
SAP Supplier Relationship Management(SRM)是德国思爱普(SAP)公司的一套供应商关系管理解决方案。该产品实现了企业内以及供应商之间采购和购置流程的自动化,并提供发票开具等功能。 SAP Supplier Relationship Management存在代码问题漏洞,该漏洞源于缺少文件类型或内容验证,可能导致上传任意文件,影响应用程序的机密性、完整性和可用性。
CVSS Information
N/A
Vulnerability Type
N/A