Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Flowring|Agentflow - Arbitrary File Upload
Vulnerability Description
Agentflow developed by Flowring has an Arbitrary File Upload vulnerability, allowing authenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
危险类型文件的不加限制上传
Vulnerability Title
Flowring Agentflow 代码问题漏洞
Vulnerability Description
Flowring Agentflow是中国华苓(Flowring)公司的一个智能流程自动化(RPA)平台。 Flowring Agentflow存在代码问题漏洞,该漏洞源于任意文件上传,可能导致经过身份验证的远程攻击者上传并执行Web后门,从而在服务器上执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A