Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
cgi-bin/cgi-lib/instantmessage.pl in web-app.org WebAPP before 0.9.9.7 uses the From field of an instant message as the beginning of the .dat file name when the (1) imview2 or (2) imview3 function reads (a) an internal IM, or a message from a (b) guest or (c) removed member, which has unknown impact and remote attack vectors.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
web-app.org WebAPP远程攻击漏洞
Vulnerability Description
web-app.org WebAPP中存在远程攻击漏洞。当(1)imview2或(2)imview3函数读取(a)一个内部的IM时,web-app.org WebAPP 0.9.9.7之前版本中的cgi-bin/cgi-lib/instantmessage.pl会使用一个即时信息的From字段作为.dat文件名的开始部分,这会造成未知影响和远程攻击向量。
CVSS Information
N/A
Vulnerability Type
N/A