Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Directory traversal vulnerability in admin/deleteuser.php in HitHost 1.0.0 might allow remote attackers to delete directories (possibly only empty directories) via the $deleteuser variable. NOTE: the initial disclosure for this issue indicated that the researcher was unable to prove this issue; however, this might have been due to certain behaviors of rmdir.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
HitHost 'deleteuser.php'目录遍历漏洞
Vulnerability Description
在HitHost 1.0.0的admin/deleteuser.php中存在目录遍历漏洞,远程攻击者可通过$deleteuser变量删除目录(可能只是空目录)。 注意:最初对此问题的报告表明,研究人员不能证实此问题。 不过,这可能是因为某些rmdir行为的缘故。
CVSS Information
N/A
Vulnerability Type
N/A