CVE-2019-9613 in OFCMS
要約
〜によって MITRE
An issue was discovered in OFCMS before 1.1.3. Remote attackers can execute arbitrary code because blocking of .jsp and .jspx files does not consider (for example) file.jsp::$DATA to the admin/ueditor/uploadVideo URI.
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.