Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Invision Power Board 1.3 Final allows remote attackers to gain sensitive information by selecting a file for "Personal Photo" that is not an image file, which displays the installation path in an error message.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Invision Power Board错误消息路径泄露漏洞
Vulnerability Description
Invision Power Board是一款流行的论坛程序。 Invision Power Board在的上传文件功能存在问题,远程攻击者可以利用这个漏洞获得软件安装路径信息。 在论坛中的"My Controls"中,用户可以更改个人照片,这可通过如下URL访问: http://www.example.com/forum/index.php?act=UserCP&CODE=photo 如果用户上传的一个文件名不是实际的图象文件,并点击上传图片按钮,PHP就会返回如下错误消息: "Warning: get
CVSS Information
N/A
Vulnerability Type
N/A