漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
osCommerce <= 2.2 Admin File Manager Arbitrary PHP Code Execution
Vulnerability Description
osCommerce versions up to and including 2.2 RC2a contain a vulnerability in its administrative file manager utility (admin/file_manager.php). The interface allows file uploads and edits without sufficient input validation or access control. An unauthenticated attacker can craft a POST request to upload a .php file containing arbitrary code, which is then executed by the server.
CVSS Information
N/A
Vulnerability Type
危险类型文件的不加限制上传
Vulnerability Title
osCommerce 安全漏洞
Vulnerability Description
osCommerce是osCommerce公司的一套基于GNUGPL授权的开源在线购物电子商务解决方案。 osCommerce 2.2 RC2a及之前版本存在安全漏洞,该漏洞源于管理文件管理器工具缺少输入验证和访问控制,可能导致上传和执行任意PHP代码。
CVSS Information
N/A
Vulnerability Type
N/A