Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
PHP remote file inclusion vulnerability in CheckUpload.php in Vincenzo Valvano Comet WebFileManager (CWFM) 0.9.1, and possibly earlier, allows remote attackers to execute arbitrary PHP code via a URL in the Language parameter.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Comet WebFileManager' CheckUpload.php'远程文件包含漏洞
Vulnerability Description
Comet WebFileManager是一种基于Web的远程文件交换管理程序。 Comet WebFileManager处理用户请求时存在输入验证漏洞,远程攻击者可能利用此漏洞在服务器上以Web进程权限执行任意命令。 Comet WebFileManager的CheckUpload.php脚本没有正确验证Language参数的输入,允许攻击者通过包含本地或外部资源的任意文件导致执行任意PHP代码。
CVSS Information
N/A
Vulnerability Type
N/A