Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
admin.php in PHP-Nuke 5.2 and earlier, except 5.0RC1, does not check login credentials for upload operations, which allows remote attackers to copy and upload arbitrary files and read the PHP-Nuke configuration file by directly calling admin.php with an upload parameter and specifying the file to copy.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
PHP-Nuke文件泄漏和上传漏洞
Vulnerability Description
PHP-Nuke是一个网站创建和管理工具,它可以使用很多数据库软件作为后端,比如MySQL、PostgreSQL、mSQL、Interbase、Sybase等。 PHP-Nuke 5.2版本和早期版本,除5.0RC1版本中的admin.php中存在一个安全问题,该漏洞源于不检查上传操作的登录凭证。可能导致远程攻击者获取系统上的敏感信息或者上载程序。
CVSS Information
N/A
Vulnerability Type
N/A