映射到 CWE-434 的搜索结果 (4)

CVE-2015-3884(发布:2017-03-17 10:59:00)NM
CVSS7.5

[原文]Unrestricted file upload vulnerability in the (1) myAccount, (2) projects, (3) tasks, (4) tickets, (5) discussions, (6) reports, and (7) scheduler pages in qdPM 8.3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in uploads/attachments/ or uploads/users/.

CVE-2016-2914(发布:2016-08-07 21:59:09)NMS
CVSS5.5

[原文]Unrestricted file upload vulnerability in the Document Builder in IBM Rational Publishing Engine (aka RPENG) 2.0.1 before ifix002 allows remote authenticated users to execute arbitrary code by specifying an unexpected file extension.

CVE-2015-4524(发布:2015-07-04 10:59:01)NMCP
CVSS6.5

[CNNVD]多款EMC产品任意文件上传漏洞--EMC Documentum WebTop等都是美国易安信(EMC)公司的产品。EMC Documentum WebTop是一套允许用户在标准浏览器应用中访问Documentum存储库和内容管理服务的产品。Documentum Administrator是一个基于Web用来执行Documentum系...

CVE-2006-5845(发布:2006-11-09 21:07:00)NMCO
CVSS6.5

[CNNVD]Speedywiki index.php 无限制文件上载漏洞--Speedywiki中的index.php存在无限制文件上载漏洞,远程认证用户可以通过将upload参数设置为1来上载并执行任意PHP代码。

1 第1页 / 共1页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站