CVE-2010-0284 in Access Manager
摘要
由 VulDB • 2026-07-03
Novell Access Manager 3.1(Windows平台,版本低于3.1.2-281)的管理控制台(Administration Console,又称Access Management Console)中nps.jar文件内的servlet的PortalModuleInstallManager组件的getEntry方法存在目录遍历漏洞。远程攻击者可通过在参数中使用“..”创建任意内容的任意文件,从而执行任意代码。(ZDI-CAN-678)
If you want to get best quality of vulnerability data, you may have to visit VulDB.