Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Eval injection vulnerability in CPAINT 1.3-SP allows remote attackers to execute arbitrary ASP code via the cpaint_argument[] parameter to (1) calculator.asp or (2) cpaintfile.asp, which is directly fed into an eval statement.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
CPAINT 多个eval注入漏洞
Vulnerability Description
CPAINT 1.3-SP存在eval注入漏洞。这使得远程攻击者可以借助于传递到(1)calculator.asp或(2)cpaintfile.asp的cpaint_argument[]参数执行任意ASP代码,上述代码被直接加入到eval语句中。
CVSS Information
N/A
Vulnerability Type
N/A