Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
admin/index.php in Gregory Kokanosky phpMyNewsletter 0.8 beta5 and earlier provides access to configuration modification before login, which allows remote attackers to cause a denial of service (loss of configuration data), and possibly perform direct static code injection, via a saveGlobalconfig action.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Gregory Kokanosky phpMyNewsletter 'index.php'拒绝服务攻击漏洞
Vulnerability Description
Gregory Kokanosky phpMyNewsletter的admin/index.php会在登录前提供配置修改的访问权限,存在拒绝服务漏洞。远程攻击者可以借助一个saveGlobalconfig操作,引起拒绝服务攻击(配置数据丢失)以及可能执行直接静态代码注入攻击。
CVSS Information
N/A
Vulnerability Type
N/A