Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
PHP remote file inclusion vulnerability in Stud.IP 1.3.0-2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the (1) _PHPLIB[libdir] parameter in studip-phplib/oohforms.inc and (2) ABSOLUTE_PATH_STUDIP parameter in studip-htdocs/archiv_assi.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
RETIRED: Stud.IP多个PHP远程文件包含漏洞
Vulnerability Description
Stud.IP 1.3.0-2及之前版本存在PHP远程文件包含漏洞。当register_globals启用时,远程攻击者借助(1)studip-phplib/oohforms.inc 中的 _PHPLIB[libdir]参数和(2)studip-htdocs/archiv_assi.php中的ABSOLUTE_PATH_STUDIP 参数,执行任意PHP代码。
CVSS Information
N/A
Vulnerability Type
N/A