Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Unrestricted file upload vulnerability in the file_upload function in core/misc.class.php in EncapsGallery 2.0.2 allows remote authenticated administrators to upload and execute arbitrary PHP files by uploading a file with an executable extension, then accessing it via a direct request to the file in the rwx_gallery directory. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
EncapsGallery core/misc.class.php 任意文件上传漏洞
Vulnerability Description
EncapsGallery 2.0.2的core/misc.class.php中的file_upload 函数存在无限制文件上传漏洞,远程验证用户通过上传一个可执行扩展名的一个文件并向rwx_gallery目录的文件提交一个直接请求来访问该文件,以执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A