Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Static code injection vulnerability in index.php in Podcast Generator 1.1 and earlier allows remote authenticated administrators to inject arbitrary PHP code into config.php via the recent parameter in a config change action.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Podcast Generator多个模块文件包含和任意文件删除漏洞
Vulnerability Description
Podcast Generator是一套使用PHP语言编写的免费播客发布脚本。 Podcast Generator的core/archive_cat.php、core/admin/itunescategories.php和core/admin/login.php页面没有正确地过滤对GLOBALS[absoluteurl]参数所传送的输入,core/themes.php页面没有正确地过滤对GLOBALS[theme_path]参数所传送的输入,这可能用于包含本地或外部资源的任意文件;此外core/admin
CVSS Information
N/A
Vulnerability Type
N/A