Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple PHP remote file inclusion vulnerabilities in Atsphp 5.0.1 allow remote attackers to execute arbitrary PHP code via a URL in the CONF[path] parameter to (1) index.php, (2) sources/usercp.php, or (3) sources/admin.php. NOTE: Another researcher has disputed this vulnerability, noting that CONF[path] is defined before use in index.php, that CONF[path] inclusion cannot occur through a direct request to other affected files, and that usercp.php is a typo of user_cp.php
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Atsphp 代码注入漏洞
Vulnerability Description
Atsphp 5.0.1 中的多个 PHP 远程文件存在代码注入漏洞,允许远程攻击者通过 (1) index.php, (2) sources/usercp.php 的 CONF[path] 参数中的 URL 执行任意 PHP 代码, 或 (3) 来源/admin.php。
CVSS Information
N/A
Vulnerability Type
N/A