Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple directory traversal vulnerabilities in Phpclanwebsite (aka PCW) 1.23.3 Fix Pack 5 and earlier, when magic_quotes_gpc is disabled and register_globals is enabled, allow remote attackers to include and execute arbitrary files via a .. (dot dot) in the (1) boxname parameter to theme/superchrome/box.php and the (2) theme parameter to phpclanwebsite/footer.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Phpclanwebsite 多个目录遍历漏洞
Vulnerability Description
Phpclanwebsite是一款内容管理系统(CMS)。 Phpclanwebsite(又称PCW)1.23.3修复补丁5以及之前的版本中存在多个目录遍历漏洞。当magic_quotes_gpc被中止而register_globals被激活时,远程攻击者可以借助(1)对theme/superchrome/box.php的boxname参数(2)对phpclanwebsite/footer.php的主题参数中的".."包含和运行任意文件。
CVSS Information
N/A
Vulnerability Type
N/A