Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Conjure Position Department Service Quality Evaluation System head.php eval backdoor
Vulnerability Description
A vulnerability, which was classified as critical, has been found in Conjure Position Department Service Quality Evaluation System up to 1.0.11. Affected by this issue is the function eval of the file public/assets/less/bootstrap-less/mixins/head.php. The manipulation of the argument payload leads to backdoor. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
隐藏功能
Vulnerability Title
Conjure Position Department Service Quality Evaluation System 安全漏洞
Vulnerability Description
Conjure Position Department Service Quality Evaluation System是中国星空间(Conjure)公司的一个岗位部门服务质量评价系统。 Conjure Position Department Service Quality Evaluation System 1.0.11及之前版本存在安全漏洞,该漏洞源于对文件public/assets/less/bootstrap-less/mixins/head.php中参数payload的错误操作导致后门。
CVSS Information
N/A
Vulnerability Type
N/A