Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple directory traversal vulnerabilities in PHP Content Architect (aka NoAh) 0.9 pre 1.2 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the filepath parameter to (1) css_file.php, (2) js_file.php, or (3) xml_file.php in noah/modules/nosystem/templates/.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
NoAh PHP Content Architect "noah/modules/nosystem/templates/" 多个目录遍历漏洞
Vulnerability Description
PHP Content Architect (又称NoAh)中存在多个目录遍历漏洞,远程攻击者借助noah/modules/nosystem/templates/中的(1) css_file.php, (2) js_file.php,或(3) xml_file.php的filepath参数(参数包含一个"..")读取任意文件。
CVSS Information
N/A
Vulnerability Type
N/A