| Description: | | I Doc View Online Document Preview System is a set of systems for displaying and previewing various document types such as text documents, spreadsheets, presentations, PDF files, etc. in a web environment. There is a file upload vulnerability in the /html/2word online document preview system of I Doc View, which exists in the remote page caching function in I Doc View, because the application fails to perform sufficient security verification on the URL entered by the user, the attacker can make the server download the malicious file by constructing a special URL, so as to execute arbitrary code. The affected version is I Doc View < 13.10.1_20231115. |