Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Static code injection vulnerability in Sanus|artificium (aka Sanusart) Free simple guestbook PHP script, when downloaded before 20081111, allows remote attackers to inject arbitrary PHP code into messages.txt via the message parameter to act.php, which is executed when guestbook/guestbook.php is accessed. NOTE: some of these details are obtained from third party information.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Sansuart Free simple PHP guestbook 'act.php'代码注入漏洞
Vulnerability Description
Sanus|artificium (又称作 Sanusart) Free simple guestbook PHP脚本中的静态代码注入漏洞,在20081111前下载的情况下,会允许远程攻击者通过对act.php的信息参数来向messages.txt注入任意PHP代码。它在guestbook/guestbook.phpexecuted被访问的时候执行。
CVSS Information
N/A
Vulnerability Type
N/A