Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Eval injection vulnerability in the Custom Fields feature in the Your Account module in Raven Web Services RavenNuke 2.30 allows remote authenticated administrators to execute arbitrary PHP code via the ID Field Name box in a yaCustomFields action to admin.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Ravenphpscripts Raven Web Services RavenNuke '你的账户'模块'自定义范围'参数注入漏洞
Vulnerability Description
Raven Web Services RavenNuke的“你的账户”模块中的“自定义范围”参数存在Eval注入漏洞。远程管理员者可以通过对admin.php页面的yaCustomFields操作中的ID字段名称执行任意PHP代码。
CVSS Information
N/A
Vulnerability Type
N/A