Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Global variable overwrite vulnerability in PHP-Nuke allows remote attackers to conduct remote PHP file inclusion attacks via a modified phpbb_root_path parameter to the admin scripts (1) index.php, (2) admin_ug_auth.php, (3) admin_board.php, (4) admin_disallow.php, (5) admin_forumauth.php, (6) admin_groups.php, (7) admin_ranks.php, (8) admin_styles.php, (9) admin_user_ban.php, (10) admin_words.php, (11) admin_avatar.php, (12) admin_db_utilities.php, (13) admin_forum_prune.php, (14) admin_forums.php, (15) admin_mass_email.php, (16) admin_smilies.php, (17) admin_ug_auth.php, and (18) admin_users.php, which overwrites $phpbb_root_path when the import_request_variables function is executed after $phpbb_root_path has been initialized to a static value.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
PHP-Nuke 多个全局变量重写漏洞
Vulnerability Description
PHP-Nuke存在全局变量重写漏洞,远程攻击者可通过修改传给管理脚本(1) index.php,(2) admin_ug_auth.php,(3) admin_board.php,(4) admin_disallow.php,(5) admin_forumauth.php,(6) admin_groups.php,(7) admin_ranks.php,(8) admin_styles.php,(9) admin_user_ban.php,(10) admin_words.php,(11) admin_
CVSS Information
N/A
Vulnerability Type
N/A