Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Directory traversal vulnerability in zd_numer.php in Galeria Zdjec 3.0 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the galeria parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by zd_numer.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Galeria Zdjec 'ZD_Numer.PHP' 本地文件包含漏洞
Vulnerability Description
Galeria Zdjec 3.0版本及其早期版本的zd_numer.php中存在目录遍历漏洞。远程攻击者可以借助galeria参数中的一个..(参数中包含'..'),包含和运行任意本地文件,例如向一个Apache HTTP服务器的登陆文件注入PHP序列,然后被zd_numer.php包含。
CVSS Information
N/A
Vulnerability Type
N/A