Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple directory traversal vulnerabilities in Sambar Server 6.1 Beta 2 on Windows, and possibly other versions on Linux, when the administrative IP address restrictions have been modified from the default, allow remote authenticated users to read arbitrary files via (1) a "..\" (dot dot backslash) in the file parameter to showini.asp, or (2) an absolute path with drive letter in the log parameter to showlog.asp.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Windows及Linux Sambar目录遍历漏洞
Vulnerability Description
Windows上的Sambar服务器6.1 Beta 2版本和Linux上的可能其它版本在默认管理员IP地址限制被修改后存在多个目录遍历漏洞。远程授权用户可以借助(1)showini.asp的file参数的"..\" (点 点 反斜线)或(2)showlog.asp的log参数的带有drive字母的绝对路径读取任意文件。
CVSS Information
N/A
Vulnerability Type
N/A