Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Directory traversal vulnerability in lib/classes/message_class.php in Papoo CMS 3.6, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to read and possibly execute arbitrary files via a .. (dot dot) in the pfadhier parameter. NOTE: some of these details are obtained from third party information.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Papoo 'lib/classes/message_class.php'目录遍历漏洞
Vulnerability Description
Papoo是一款领先的小型网站内容管理系统(CMS)。 Papoo CMS 3.6版本的lib/classes/message_class.php中存在目录遍历漏洞,当register_globals被激活时 and magic_quotes_gpc被中止时,远程攻击者可以借助pfadhier参数的一个..,读取并可能运行任意文件。
CVSS Information
N/A
Vulnerability Type
N/A