Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
PHP remote file inclusion vulnerability in enduser/listmessenger.php in ListMessenger 0.9.3 allows remote attackers to execute arbitrary PHP code via a URL in the lm_path parameter. NOTE: the vendor has disputed this issue to SecurityTracker, stating that the $lm_path variable is set to a constant value. As of 20060726, CVE concurs with the vendor based on SecurityTracker's post-disclosure analysis
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
已过期: ListMessenger 'listmessenger.php' PHP远程文件包含漏洞
Vulnerability Description
** 有争议 ** ListMessenger 0.9.3的enduser/listmessenger.php存在PHP远程文件包含漏洞,远程攻击者可借助lm_path参数中的URL执行任意PHP代码。注: 厂商就此问题对SecurityTracker提出反驳,声称$lm_path 变量设为常数值。2006年7月26日, CVE根据SecurityTracker的公布后分析结果同意了厂商的意见
CVSS Information
N/A
Vulnerability Type
N/A