漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Pachno 1.0.6 Unrestricted File Upload Remote Code Execution
Vulnerability Description
Pachno 1.0.6 contains an unrestricted file upload vulnerability that allows authenticated users to upload arbitrary file types by bypassing ineffective extension filtering to the /uploadfile endpoint. Attackers can upload executable files .php5 scripts to web-accessible directories and execute them to achieve remote code execution on the server.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
危险类型文件的不加限制上传
Vulnerability Title
Pachno 代码问题漏洞
Vulnerability Description
Pachno是Pachno开源的一个用于协作的开源平台。 Pachno 1.0.6版本存在代码问题漏洞,该漏洞源于文件上传过滤无效,可能导致上传任意文件并执行远程代码。
CVSS Information
N/A
Vulnerability Type
N/A