Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple directory traversal vulnerabilities in AIST NetCat 3.12 and earlier, when magic_quotes_gpc is disabled and register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the system parameter in modules/netshop/post.php; and the INCLUDE_FOLDER parameter in (2) auth.inc.php, (3) banner.inc.php, (4) blog.inc.php, and (5) forum.inc.php in modules/.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
AIST Netcat 多文件参数目录遍历漏洞
Vulnerability Description
Netcat 是一款简单的Unix工具,使用UDP和TCP协议。 它是一个可靠的容易被其他程序所启用的后台操作工具,同时它也被用作网络的测试工具或黑客工具。 AIST NetCat 3.12 及其早期版本中存在多个目录遍历漏洞, 当 magic_quotes_gpc被中止且register_globals被激活时, 远程攻击者可以借助(1)modules/netshop/post.php中的系统参数; (2) auth.inc.php, (3) banner.inc.php, (4) blog.inc.p
CVSS Information
N/A
Vulnerability Type
N/A