Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple SQL injection vulnerabilities in Phpclanwebsite (aka PCW) 1.23.3 Fix Pack 5 and earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) page parameter to index.php, (2) form_id parameter to pcw/processforms.php, (3) pcwlogin and (4) pcw_pass parameters to pcw/setlogin.php, (5) searchvalue parameter to pcw/downloads.php, and the (6) searchvalue and (7) whichfield parameter to pcw/downloads.php, a different vector than CVE-2006-0444.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Phpclanwebsite 多个输入验证漏洞
Vulnerability Description
Phpclanwebsite是一款内容管理系统(CMS)。 Phpclanwebsite(又称PCW)1.23.3修复补丁5以及之前的版本中存在多个SQL注入漏洞。当magic_quotes_gpc被中止时,远程攻击者可以借助以下参数:(1)对index.php的页参数(2)对pcw/processforms.php的form_id参数(3)对pcw/setlogin.php的pcwlogin参数(4)对pcw/setlogin.php的pcw_pass参数(5)对pcw/downloads.php的搜索
CVSS Information
N/A
Vulnerability Type
N/A