Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
PHP remote file inclusion vulnerability in cross.php in YABSoft Mega File Hosting 1.2 allows remote attackers to execute arbitrary PHP code via a URL in the url parameter. NOTE: this can also be leveraged to include and execute arbitrary local files via .. (dot dot) sequences.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Yabsoft Mega File Hosting Script 'cross.php'远程文件包含漏洞
Vulnerability Description
Mega File Hosting Scrip(MFHS)是一种先进的文件寄存及共享脚本,让用户上载大文件到服务器和电子邮件中的文件下载链接到自己和其他电子邮件收件人。 YABSoft Mega File Hosting 1.2版本的cross.php中存在PHP远程文件包含漏洞。远程攻击者可以借助url参数中的一个URL,执行任意PHP代码。注意:该漏洞还可以借助 ..序列,包含和运行任意本地文件。
CVSS Information
N/A
Vulnerability Type
N/A