Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple PHP remote file inclusion vulnerabilities in Harpia CMS 1.0.5 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) func_prog parameter to (a) preload.php and (b) index.php; (2) header_prog parameter to (c) missing.php and (d) email.php, (e) files.php, (f) headlines.php, (g) search.php, (h) topics.php, and (i) users.php in _mods/; (3) theme_root parameter to (j) footer.php, (k) header.php, (l) pfooter.php, and (m) pheader.php in _inc; (4) mod_root parameter to _inc/header.php; and the (5) mod_dir and (6) php_ext parameters to (n) _inc/web_statsConfig.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Harpia CMS 多个PHP远程文件包含漏洞
Vulnerability Description
Harpia CMS 1.0.5版本及其早期版本中存在多个PHP远程文件包含漏洞。远程攻击者可以借助脚本的多个参数的URL,执行任意的PHP代码。这些参数包含:(1)脚本preload.php、index.php的func_prog参数;(2))_mods/中的脚本missing.php、email.php、files.php、headlines.php、search.php、topics.php和 users.php的header_prog参数;(3)_inc中脚本footer.php、header.p
CVSS Information
N/A
Vulnerability Type
N/A