GobyVuls/GJP_SelectImage.aspx_file_upload_vulnerability.md at 473574e90ebda55938c7dea6730e9571c00f49f9 - GobyVuls - 临风笛

admin/GobyVuls

mirror of https://github.com/gobysec/GobyVuls.git synced 2025-05-05 18:27:13 +00:00

Goby 3dbd252ebd

Update GJP_SelectImage.aspx_file_upload_vulnerability.md

2023-09-15 17:27:26 +08:00

1.1 KiB

Raw Blame History

GJP SelectImage.aspx file upload vulnerability

Vulnerability	GJP SelectImage.aspx file upload vulnerability
Chinese name	管家婆订货易在线商城 SelectImage.aspx 文件上传漏洞
CVSS core	9.8
FOFA Query (click to view the results directly)	title="订货易"
Number of assets affected	2617
Description	Renwoxing took the lead in launching the Guanjiapo purchase, sales, inventory and financial integration software for small and medium-sized enterprises.There is a SelectImage.aspx arbitrary file upload vulnerability in the Guanjiapo Ordering Online Mall. An attacker can use this vulnerability to control the entire system, ultimately causing the system to be in an extremely unsafe state.
Impact	An attacker can take control of the entire system through this vulnerability, ultimately leaving the system in an extremely unsafe state.