Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple static code injection vulnerabilities in error.php in GuppY 4.5.16 and earlier allow remote attackers to inject arbitrary PHP code into a .inc file in the data/ directory via (1) a REMOTE_ADDR cookie or (2) a cookie specifying an element of the msg array with an error number in the first dimension and 0 in the second dimension, as demonstrated by msg[999][0].
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
GuppY 'error.php'多个静态代码注入漏洞
Vulnerability Description
GuppY 4.5.16版本及其早期版本的error.php中存在多个静态代码注入漏洞。远程攻击者可以借助(1)一个REMOTE_ADDR cookie或(2)一个cookie,该cookie指明了在第一次元中具有一个错误号码的msg数组以及第二次元中的0的一个元件,例如msg[999][0],向data/ directory中的.inc文件注入任意PHP代码。
CVSS Information
N/A
Vulnerability Type
N/A