Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
avatarlist.php in the Your Account module, reached through modules.php, in Raven Web Services RavenNuke 2.30 allows remote authenticated users to execute arbitrary code via PHP sequences in an element of the replacements array, which is processed by the preg_replace function with the eval switch, as specified in an element of the patterns array.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Ravenphpscripts Raven Web Services RavenNuke'你的账户'模块任意代码执行漏洞
Vulnerability Description
RavenNuke是基于PHP和MySQL的自动新闻发布和内容管理系统。 Raven Web Services RavenNuke的“你的账户”模块中的“avatarlist.php”至“modules.php”存在代码执行漏洞。如同少许样品阵列指明的那样,preg_replace函数使用eval交换处理少许复位阵列中的PHP序列,远程攻击者可以利用此PHP序列执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A