Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Directory traversal vulnerability in rss.php in fuzzylime (cms) 3.01a and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the p parameter, as demonstrated using content.php, a different vector than CVE-2007-4805.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
fuzzylime (cms) 'rss.php' 本地文件包含漏洞
Vulnerability Description
fuzzylime 是一个内容管理系统,是建立大小不一站点的理想系统.从最小的家庭网站到需要不同人编辑和上传内容的商业网站,它易于安装,仅仅上传一些文件即可。 fuzzylime (cms) 3.01a 及其早期版本的rss.php中存在目录遍历漏洞。在magic_quotes_gpc被中止时, 远程攻击者通过p参数中的.. (dot dot)来包含和执行任意本地文件,例如运行content.php。该漏洞不同于CVE-2007-4805。
CVSS Information
N/A
Vulnerability Type
N/A