Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple PHP remote file inclusion vulnerabilities in GRBoard 1.8, when register_globals is enabled and magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) theme parameter to (a) 179_squarebox_pds_list/view.php, (b) 179_squarebox_minishop_expand/view.php, (c) 179_squarebox_gallery_list_pds/view.php, (d) 179_squarebox_gallery_list/view.php, (e) 179_squarebox_gallery/view.php, (f) 179_squarebox_board_swfupload/view.php, (g) 179_squarebox_board_expand/view.php, (h) 179_squarebox_board_basic_with_grcode/view.php, (i) 179_squarebox_board_basic/view.php, (j) 179_simplebar_pds_list/view.php, (k) 179_simplebar_notice/view.php, (l) 179_simplebar_gallery_list_pds/view.php, (m) 179_simplebar_gallery/view.php, and (n) 179_simplebar_basic/view.php in theme/; the (2) path parameter to (o) latest/sirini_gallery_latest/list.php; and the (3) grboard parameter to (p) include.php and (q) form_mail.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Google Gboard 代码注入漏洞
Vulnerability Description
Google Gboard是美国谷歌(Google)公司的一款为Android和iOS设备开发的输入法程序,提供滑行输入及语音输入等功能,并支持输入三百余种语言。 Google Gboard 存在代码注入漏洞,攻击者可通过(2)路径参数(o)latest/sirini_gallery_latest/list.php;和(3)grboard 参数到(p)include.php 和(q)form_mail.php 进行攻击。
CVSS Information
N/A
Vulnerability Type
N/A