Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Directory traversal vulnerability in pdesk.cgi in PerlDesk allows remote attackers to read portions of arbitrary files and possibly execute arbitrary Perl modules via ".." sequences terminated by a %00 (null) character in the lang parameter, which can leak portions of the requested files if a compilation error message occurs.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
PerlDesk Language Variable Server-Side 脚本执行漏洞
Vulnerability Description
PerlDesk的pdesk.cgi存在目录遍历漏洞。远程攻击者借助“..”序列lang参数以%00 (空值)字符终结的“..”序列读取部分任意文件和可能执行任意Perl模块,该漏洞在编译消息出错发生时泄露部分请求文件。
CVSS Information
N/A
Vulnerability Type
N/A