Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Directory traversal vulnerability in security.inc.php in AzDGDatingLite 2.1.3, and possibly earlier versions, allows remote attackers to execute arbitrary PHP commands via ".." sequences and "%00" (trailing null byte) characters in the l parameter, which is used in an include_once statement.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
AzDGDatingLite security.inc.php目录遍历漏洞
Vulnerability Description
AzDGDatingLite是一款支持多语方的交友系统软件。 AzDGDatingLite 2.1.3版本,可能还包括早期版本,其中的security.inc.php存在目录遍历漏洞,允许远程攻击者通过".."(参数中包含'..')执行任意PHP(超级文本预处理语言)指令。 l 参数中的序列和"%00" (跟随空字符)用于include_once语句。
CVSS Information
N/A
Vulnerability Type
N/A