漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
漏洞
N/A
漏洞信息
All In One Control Panel (AIOCP) 1.3.007 and earlier allows remote attackers to obtain the full path of the web server via certain requests to (1) public/code/cp_dpage.php, possibly involving the aiocp_dp[] parameter, (2) public/code/cp_show_ec_products.php, possibly involving the order_field[] parameter, and (3) public/code/cp_show_page_help.php, possibly involving the hp[] parameter, which reveal the path in various error messages.
漏洞信息
N/A
漏洞
N/A
漏洞
AIOCP多个输入验证漏洞
漏洞信息
All In One Control Panel (AIOCP)存在输入验证漏洞。远程攻击者可以通过某些对(1) public/code/cp_dpage.php(可能涉及aiocp_dp[]参数),(2)public/code/cp_show_ec_products.php(可能涉及order_field[]参数),和(3)public/code/cp_show_page_help.php(可能涉及hp[]参数)的请求,导致系统在各种错误消息中泄漏路径,从而获取web服务器的完整路径。
漏洞信息
N/A
漏洞
N/A