漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
mjperpinosa stumasy add_post.php unrestricted upload
Vulnerability Description
A vulnerability was found in mjperpinosa stumasy. The affected element is an unknown function of the file application/PHP/objects/updates/add_post.php. Performing a manipulation of the argument up_file_to_post results in unrestricted upload. The attack may be initiated remotely. The exploit has been made public and could be used. This product uses a rolling release model to deliver continuous updates. As a result, specific version information for affected or updated releases is not available. The project was informed of the problem early through an issue report but has not responded yet.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
危险类型文件的不加限制上传
Vulnerability Title
stumasy 代码问题漏洞
Vulnerability Description
stumasy是Marejean Chernyak个人开发者的一个学生成绩管理分析系统。 stumasy存在代码问题漏洞,该漏洞源于application/PHP/objects/updates/add_post.php文件中未知函数对参数up_file_to_post的操作导致无限制上传,可能导致远程攻击者利用该漏洞。
CVSS Information
N/A
Vulnerability Type
N/A