Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
scripts/cronscript.php in SysCP 1.2.15 and earlier does not properly quote pathnames in user home directories, which allows local users to gain privileges by placing shell metacharacters in a directory name, and then using the control panel to protect this directory, a different vulnerability than CVE-2005-2568.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SysCP 'scripts/cronscript.php'用户目录路径引用漏洞
Vulnerability Description
SysCP 1.2.15版本及其早期版本的scripts/cronscript.php没有适当地引用用户主目录的路径名,这会允许本地用户通过在一个目录名中放置外壳元字符以获得特权,并运行控制面板来保护该目录。该漏洞不同于CVE-2005-2568。
CVSS Information
N/A
Vulnerability Type
N/A