Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Directory traversal vulnerability in downloadfile.php in eLouai's Force Download of media files script, as available on 20071030 and earlier, allows remote attackers to read arbitrary files via the file parameter. NOTE: this issue only occurs in environments where the system administrator has not followed the vendor recommendations that this product should only be used internally.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
eLouai's Force Download 'downloadfile.php' 目录遍历漏洞
Vulnerability Description
媒体文件脚本的eLouai's Force Download的downloadfile.php中存在目录遍历漏洞, 当在20071030版本及其早期版本可使用时, 远程攻击者可以借助文件参数,读取任意文件。
CVSS Information
N/A
Vulnerability Type
N/A