Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The moveim function in cgi-bin/cgi-lib/instantmessage.pl in web-app.org WebAPP before 0.9.9.7 uses the tocat parameter as a subdirectory name when moving an instant message, which has unknown impact and remote attack vectors.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
web-app.org WebAPP 远程攻击漏洞
Vulnerability Description
web-app.org WebAPP中存在远程攻击漏洞。当移动一个即时信息时,cgi-bin/cgi-lib/instantmessage.pl中的moveim函数会将tocat参数当做一个子目录来使用,这会造成未知影响和远程攻击向量。
CVSS Information
N/A
Vulnerability Type
N/A