漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
Multiple PHP remote file inclusion vulnerabilities in WB News 2.0.1, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the config[installdir] parameter to (1) search.php, (2) archive.php, (3) comments.php, and (4) news.php; (5) News.php, (6) SendFriend.php, (7) Archive.php, and (8) Comments.php in base/; and possibly other components, different vectors than CVE-2007-1288.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Webmobo WB News多个PHP远程文件包含漏洞
Vulnerability Description
WB News 2.0.1版本中存在多个PHP远程文件包含漏洞。当register_globals被激活时,远程攻击者可以借助对base/中的(1)search.php,(2)archive.php,(3)comments.php,(4)news.php,(5)News.php,(6)SendFriend.php,(7)Archive.php和(8)Comments.php的config[installdir]参数中的一个URL,执行任意的PHP代码。
CVSS Information
N/A
Vulnerability Type
N/A