Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
administration/telecharger.php in Cahier de texte 2.0 allows remote attackers to obtain unparsed content (source code) of files via the chemin parameter, as demonstrated using directory traversal sequences to obtain the MySQL username and password from conn_cahier_de_texte.php. NOTE: it is not clear whether the scope of this issue extends above the web document root, and whether directory traversal is the primary vulnerability.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cahier De Texte 'Telecharger.PHP'目录遍历漏洞
Vulnerability Description
Cahier de texte的administration/telecharger.php目录遍历漏洞。远程攻击者通过chemin参数获取文件未解析的内容(源码),如使用目录遍历序列从conn_cahier_de_texte.php获取MySQL用户名和密码。 注意:还不清楚此问题是否扩展上述web文档root以及是否目录遍历是主要漏洞。
CVSS Information
N/A
Vulnerability Type
N/A