Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Poll It 2.0 CGI script allows remote attackers to read arbitrary files by specifying the file name in the data_dir parameter.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
CGI-World Poll远程泄漏文件内容漏洞
Vulnerability Description
Poll 是一个用PERL编写的CGI程序,用于在网站上进行投票。 2.0版本的Poll存在一个问题可能会导致系统目录中的文件内容泄露。 Poll的Poll_It_SSI_v2.0.cgi程序可接受很多变量,这些变量可以被远程用户在提交的HTTP请求中控制,但是Poll并没有很好的限制这些输入的变量,可以用来查看系统中任意文件内容。恶意用户可以在data_dir参数中指定要查看的文件。
CVSS Information
N/A
Vulnerability Type
N/A