Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
PHP remote file inclusion vulnerability in contrib/yabbse/poc.php in phpopenchat before 3.0.2 allows remote attackers to execute arbitrary PHP code via the sourcedir parameter. NOTE: this issue was disputed by a third-party researcher who stated that the _REQUEST parameters were dynamically unset at the beginning of the file. Another researcher noted, and CVE agrees, that the unset PHP function can be bypassed (CVE-2006-3017). If this issue is due to a vulnerability in PHP, then it should be excluded from CVE
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
phpopenchat 'poc.php' PHP远程文件包含漏洞
Vulnerability Description
phpopenchat 3.0.2之前版本的contrib/yabbse/poc.php中的PHP远程文件包含漏洞,远程攻击者可以通过sourcedir参数执行任意PHP代码。
CVSS Information
N/A
Vulnerability Type
N/A