| Title | vendor https://www.lingxing.com/ v2 remote code execution |
|---|
| Description | A critical security vulnerability has been identified in the file upload functionality of the .NET system. This vulnerability allows unauthenticated users to upload arbitrary files, which can lead to remote code execution (RCE) and potentially grant attackers full control over the server. |
|---|
| Source | ⚠️ https://github.com/666lail/report/blob/main/tmp/fileUpload_1.md |
|---|
| User | 207556249 (UID 81808) |
|---|
| Submission | 2025年04月01日 16:00 (3 月 ago) |
|---|
| Moderation | 2025年04月14日 00:14 (12 days later) |
|---|
| Status | 承諾済み |
|---|
| VulDB Entry | 304592 [Lingxing ERP 2 FileUpload.ashx?method=DoUpload ファイル 特権昇格] |
|---|
| Points | 17 |
|---|