Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Directory traversal vulnerability in index.php in Neutrino Atomic Edition 0.8.4 allows remote attackers to read and modify files, as demonstrated by manipulating data/sess.php in (1) usb and (2) del_pag actions. NOTE: this can be leveraged for code execution by performing an upload that bypasses the intended access restrictions that were implemented in sess.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Neutrino Atomic Edition 权限绕过漏洞
Vulnerability Description
Neutrino Atomic Edition 0.8.4的index.php中存在目录遍历漏洞。远程攻击者可以读取和修改文件,例如,通过利用(1) usb 和 (2) del_pag操作中的data/sess.php来完成。注意:该漏洞通过执行一个可以绕过预设在sess.php的访问权限限制的上传来执行代码。
CVSS Information
N/A
Vulnerability Type
N/A