Name of the Vulnerable Software and Affected Versions LOCMAN Клиент (affected versions not specified)

Description The issue is related to the unlimited upload of dangerous file types in the LOCMAN Клиент module of the LOCMAN:PLM system. Exploitation of this issue could allow an attacker to execute arbitrary code by replacing dll libraries, such as shdocvw.dll, in specific directories.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.