Enviar #516293: www.digiwin.com digiwin ERP system v5.0.1 Improper Sanitization of Filename to resultinformación

Títulowww.digiwin.com digiwin ERP system v5.0.1 Improper Sanitization of Filename to result
DescripciónA file upload vulnerability has been discovered in the Digiwin ERP system that does not require authentication. This flaw permits attackers to upload arbitrary files, including potentially harmful ASPX files, which can result in remote code execution and total server compromise.
Fuente⚠️ https://github.com/Rain1er/report/blob/main/THNlcnBf/RCE_5.md
Usuario
 XU NIE (UID 82414)
Sumisión2025-03-07 16:35 (hace 1 Año)
Moderación2025-03-24 12:19 (17 days later)
EstadoAceptado
Entrada de VulDB300727 [Digiwin ERP 5.0.1 UploadAjaxAPI.ashx Archivo escalada de privilegios]
Puntos17

AnteriorVisión De ConjuntoPróximo

Do you know our Splunk app?

Download it now for free!