Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Eval injection vulnerability in index.php in ClanSys 1.1 allows remote attackers to execute arbitrary PHP code via PHP code in the page parameter, as demonstrated by using an "include" statement that is injected into the eval statement. NOTE: this issue has been described as file inclusion by some sources, but that is just one attack; the primary vulnerability is eval injection.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ClanSys index.php Eval注入漏洞
Vulnerability Description
ClanSys 1.1中的 index.php存在Eval注入漏洞。这使得远程攻击者可以借助于page参数中的PHP代码执行任意PHP代码,如使用"include"语句,该语句被注入到eval语句中。 注意:此问题被描述为由源文件造成的文件包含,但其只是一次攻击;主要漏洞是eval注入。
CVSS Information
N/A
Vulnerability Type
N/A