Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple directory traversal vulnerabilities in the RenderFile function in ContentRender.class.php in Terracotta (aka OpenTerracotta) 0.6.1, and possibly other versions, allow remote attackers to list arbitrary directories and read arbitrary files via a .. (dot dot) in the (1) CurrentDirectory and (2) File parameters to index.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Terracotta 'index.php' 本地文件包含漏洞
Vulnerability Description
Terracotta是一个用PHP编写的实现用XML文件来存储元信息的程序。主要为解决个人网站内容管理解决方案。 Terracotta (又称OpenTerracotta)0.6.1版本及其他版本中的ContentRender.class.php的RenderFile函数存在多个目录遍历漏洞。远程攻击者可以借助(1)CurrentDirectory和(2)对index.php的文件参数中的一个..,列出任意目录并读取任意文件。
CVSS Information
N/A
Vulnerability Type
N/A