Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Precurio Intranet Portal 4.4: Cross-Site Request Forgery leading to arbitrary file upload
Vulnerability Description
Precurio Intranet Portal 4.4 contains a cross-site request forgery vulnerability that allows attackers to induce authenticated users to submit crafted requests to a profile update endpoint handling file uploads. Attackers can exploit this to upload executable files to web-accessible locations, leading to arbitrary code execution in the context of the web server.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
跨站请求伪造(CSRF)
Vulnerability Title
Precurio Intranet Portal 安全漏洞
Vulnerability Description
Precurio Intranet Portal是美国Precurio公司的一个文档管理门户系统。 Precurio Intranet Portal 4.4版本存在安全漏洞,该漏洞源于存在跨站请求伪造漏洞,可能导致任意代码执行。
CVSS Information
N/A
Vulnerability Type
N/A