Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
QaTraq 6.9.2 allows authenticated users to upload arbitrary files via the "Add Attachment" feature in the "Test Script" module. The application fails to restrict file types, enabling the upload of executable PHP files. Once uploaded, the file can be accessed through the "View Attachment" option, which executes the PHP payload on the server.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SourceForge QaTraq 安全漏洞
Vulnerability Description
SourceForge QaTraq是SourceForge开源的一个测试管理工具。 SourceForge QaTraq 6.9.2版本存在安全漏洞,该漏洞源于文件类型限制不足,可能导致上传和执行任意PHP文件。
CVSS Information
N/A
Vulnerability Type
N/A