Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple directory traversal vulnerabilities in TinX/cms 1.1, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) language parameter to (a) include_me.php, (b) admin/ajax.php, and (c) admin/objects/catalog.ajaxhandler.php; and the (2) prefix parameter to (d) admin/inc/config.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
TinX cms 多文件遍历漏洞
Vulnerability Description
TinX/cms是一款时髦的基于PHP4/MYSQL4的开源CMS,采用了跨平台/跨浏览器的所见即所得编辑器。 TinX/cms 1.1存在多个目录遍历漏洞, 在register_globals被激活时, 远程攻击者通过(1) 对(a) include_me.php, (b) admin/ajax.php, 和 (c) admin/objects/catalog.ajaxhandler.php的语言参数; 以及 (2) 对(d) admin/inc/config.php的前缀参数的目录遍历序列来包含和执行
CVSS Information
N/A
Vulnerability Type
N/A