Weaver E-Office 代码问题漏洞

Weaver E-Office is a collaborative office system from China's Panmicro Technology Weaver. A code issue vulnerability exists in Weaver E-Office version 9.5, which stems from the presence of an unknown function in App/Ajax/ajax.php?action=mobileuploadsave, which leads to unrestricted uploads via th...

PT-2023-2943 · Unknown · Weaver E-Office

Name of the Vulnerable Software and Affected Versions: Weaver E-Office version 9.5 Description: The issue is related to the absence of restrictions on file uploads in the App/Ajax/ajax.php?action=mobile upload save component of the Weaver E-Office platform. This allows a remote attacker to upload...