Home
MEDIUM: 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:NMEDIUM: 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:NDefault status
unaffected
all
affected
Description
Enterprise Cloud Database developed by Ragic has a Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload malicious files and make them available for users to download.
Problem types
CWE-434 Unrestricted upload of file with dangerous type
Product status
all
References
www.twcert.org.tw/tw/cp-132-11031-eccb2-1.html
www.twcert.org.tw/en/cp-139-11032-460c2-2.html