Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple directory traversal vulnerabilities in Simple PHP Blog (SPHPBlog), probably 0.4.8, allow remote attackers to read arbitrary files and possibly include arbitrary PHP code via a .. (dot dot) sequence in the blog_theme parameter in (1) index.php, (2) add_cgi.php, (3) add_link.php, (4) login.php, (5) template.php, or (6) contact.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Simple PHP Blog 多个目录遍历漏洞
Vulnerability Description
Simple PHP Blog (SPHPBlog)存在多个目录遍历漏洞,远程攻击者可通过一个在(1)index.php,(2)add_cgi.php,(3)add_link.php,(4)login.php,(5)template.php或(6)contact.php内的blog_theme 参数(该参数中包含..)序列,来读取任意文件并可能包含任意PHP代码。
CVSS Information
N/A
Vulnerability Type
N/A