漏洞描述
IBM Spectrum Control和IBM Storage Insights都是美国IBM公司的存储资源管理软件。 IBM Spectrum Control 5.2.8至5.2.10.1版本和IBM Storage Insights中存在任意文件上传漏洞。远程攻击者可通过发送特制的HTTP请求利用该漏洞上传恶意文件。
IBM Spectrum Control和IBM Storage Insights 任意文件上传漏洞
PoC代码
暂无相关漏洞推荐
- POC CVE-2022-29081: Zoho ManageEngine - Access Control Bypass
- POC CVE-2025-12480: Triofox - Improper Access Control
- POC CVE-2025-52665: UniFi Access - Broken Access Control
- JeeWMS /cgDynamGraphController.do SQL 注入漏洞
- JeeWMS /departController.do SQL 注入漏洞
- CVE-2019-19781: Citrix Application Delivery Controller (ADC) and Gateway Directory Traversal.
- ibm-storage-default-password: IBM Storage Management Default Login
- jeecgboot-commoncontroller-parserxml-fileupload: Jeecgboot commonController parserXml fileupload
- 建文工程项目管理软件 /UserControl/FileUpload/FileUploadNew.ashx 文件上传漏洞
- Exrick Xboot Swagger SecurityController.java服务器端请求伪造(CVE-2025-8527)
- POC CVE-2025-1974-k8s: Ingress-Nginx Controller - Unauthenticated Remote Code Execution
- POC CVE-2010-1340: Joomla! Component com_jresearch - 'Controller' Local File Inclusion
- POC CVE-2010-1858: Joomla! Component SMEStorage - Local File Inclusion