Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Static code injection vulnerability in admin/admin_configuration.php in Monalbum 0.8.7 allows remote authenticated users to inject arbitrary PHP code into the conf/config.inc.php file via the (1) gadm_pass, (2) gadm_user, (3) gcfgHote, (4) gcfgPass, (5) gcfgUser, (6) gclassement_rep, (7) gcontour, (8) gfond, (9) ggd_version, (10) ghome, (11) ghor, (12) gimg_copyright, (13) glangage, (14) gmenu_visible, (15) gmini_hasard, (16) gordre_rep, (17) gpage, (18) gracine, (19) grech_inactive, (20) grep_mini, (21) grepertoire, (22) gsite, (23) gslide, (24) gtitre, (25) guse_copyright, (26) gversion, (27) gvert, or (28) gcfgBase parameter.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Monalbum 'Admin_Configuration.PHP' 静态脚本注入漏洞
Vulnerability Description
Monalbum 的admin/admin_configuration.php中存在静态代码注入漏洞。远程认证用户可以借助(1)gadm_pass,(2)gadm_user,(3)gcfgHote,(4)gcfgPass,(5)gcfgUser,(6)gclassement_rep,(7)gcontour,(8)gfond,(9)ggd_version,(10)ghome,(11)ghor,(12)gimg_copyright,(13)glangage,(14)gmenu_visible,(15)gmin
CVSS Information
N/A
Vulnerability Type
N/A