Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Jetbox CMS 2.1 allows remote attackers to obtain sensitive information via (1) a direct request to (a) main_page.php, (b) open_tree.php, and (c) outputs.php; (2) a malformed view parameter to index.php, as demonstrated with an SQL injection manipulation; or (3) the id[] parameter to admin/cms/opentree.php, which reveals the installation path in the resulting error message.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Jetbox CMS version 'opentree.php'多路径破解漏洞
Vulnerability Description
Jetbox CMS 允许远程攻击者借助一个对(a)main_page.php,(b)open_tree.php和(c)outputs.php的直接请求、对index.php的畸形的查看参数或对admin/cms/opentree.php的(3)id[]参数,获得敏感信息。这会在错误信息中显示安装路径。
CVSS Information
N/A
Vulnerability Type
N/A