Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Directory traversal vulnerability in gallerie.php in SL_site 1.0 allows remote attackers to list images in arbitrary directories via ".." sequences in the rep parameter, which is used to construct a directory name in admin/config.inc.php. NOTE: this issue could be used to produce resultant XSS from an error message.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SL_site gallerie.php 目录遍历漏洞
Vulnerability Description
SL_site 1.0 中的gallerie.php存在目录遍历漏洞。这使得远程攻击者可以借助于rep参数(该参数中包含..)序列列出任意目录中的图像文件,rep参数用于在admin/config.inc.php中构造一个目录名。 注意:此问题可用于利用错误信息进行跨站脚本攻击。
CVSS Information
N/A
Vulnerability Type
N/A