|
|
|||
| Rule General Information |
|---|
| Release Date: | 2025-02-11 | |
| Rule Name: | Jiuyin ERP Common.ashx File Upload Vulnerability | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Jiuyin ERP is a purchase, sales and inventory management software based on Internet technology, which is suitable for various types of online and offline integrated business management under the background of new retail. Ashx interface of Jiuyin ERP Common.ashx has a file upload vulnerability, attackers can upload malicious files to the server, using this vulnerability attackers can execute arbitrary code on the server to obtain control rights of the target server. | |
| Impact: | Attackers can upload viruses, Trojans, WebShell, other malicious scripts or pictures containing scripts to the server, and attackers can use these files for subsequent attacks. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | ||
| Solutions |
|---|
| Please contact the software vendor to update the software patch. |