DoWISP 操作系统命令注入漏洞
DoWISP is a full-service cloud-based management software for Internet Service Providers ISPs from DoWISP, Inc. An operating system command injection vulnerability exists in DoWISP versions prior to 1.16.2.50, which stems from the fact that uploading a malicious profile picture in SVG format can...