Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple unspecified vulnerabilities in Joomla! before 1.0.11, related to "Injection Flaws," allow attackers to have an unknown impact via (1) globals.php, which uses include_once() instead of require(); (2) the $options variable; (3) Admin Upload Image; (4) ->load(); (5) content submissions when frontpage is selected; (6) the mosPageNav constructor; (7) saveOrder functions; (8) the absence of "exploit blocking rules" in htaccess; and (9) the ACL.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Joomla! 多个权限许可和访问控制漏洞
Vulnerability Description
Joomla! .0.11之前的版本存在多个不明漏洞,有"注入攻击"有关,远程攻击者可借助以下向量造成不明影响:(1) globals.php脚本,使用include_once()函数而非require()函数; (2) $options变量;(3) 管理员上传图像;(4) ->load()函数;(5) 选定主页后的内容提交;(6) mosPageNav构造函数;(7) saveOrder函数;(8) htaccess和(9) ACL中缺少"漏洞利用禁止规则"。
CVSS Information
N/A
Vulnerability Type
N/A