Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Direct static code injection vulnerability in admin_options_manage.php in AlstraSoft Affiliate Network Pro 7.2 allows attackers to execute arbitrary PHP code via the number parameter. NOTE: it is not clear from the original report whether administrator privileges are required. If not, then this does not cross privilege boundaries and is not a vulnerability.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
AlstraSoft Affiliate Network Pro admin_options_manage.php直接静态代码注入漏洞
Vulnerability Description
AlstraSoft Affiliate Network Pro是一个分支网络程序管理的多合一系统。 AlstraSoft Affiliate Network Pro 7.2的admin_options_manage.php中的直接静态代码注入漏洞,可让攻击者通过number参数执行任意PHP代码。注意:无法从原始报告得知是否需要管理员特权。如果不是这样,则此问题不会跨越特权边界,也不是漏洞。
CVSS Information
N/A
Vulnerability Type
N/A