Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
PHP remote file inclusion vulnerability in admin.x-shop.php in the x-shop component (com_x-shop) 1.7 and earlier for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. NOTE: this issue has been disputed by third party researchers, stating that there is no mosConfig_absolute_path parameter and no admin.x-shop.php file in the reported package
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
已过期: Joomla X-shop 'admin.x-shop.php'远程文件包含漏洞
Vulnerability Description
**有争议** Mambo软件和Joomla软件中x-shop组件(com_x-shop) 1.7及早期版本中的admin.x-shop.php脚本存在PHP远程文件包含漏洞!远程攻击者可借助mosConfig_absolute_path参数中的URL执行任意PHP代码。注:第三方研究人员对此问题存在争议,称所报道的软件包中并不存在mosConfig_absolute_path parameter参数和admin.x-shop.php文件。
CVSS Information
N/A
Vulnerability Type
N/A