Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple directory traversal vulnerabilities in Tribiq CMS 5.0.12c, when register_globals is enabled and magic_quotes_gpc is disabled, allow remote attackers to include and possibly execute arbitrary files via directory traversal sequences in the template_path parameter to (1) masthead.inc.php, (2) toppanel.inc.php, and (3) contact.inc.php in templates/mytribiqsite/tribiq-CL-9000/includes; and the use_template_family parameter to (4) templates/mytribiqsite/tribiq-CL-9000/includes/nlarlist_content.inc.php. NOTE: the tribal-GPL-1066/includes/header.inc.php vector is already covered by CVE-2008-4894.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Tribiq CMS 多个目录遍历漏洞
Vulnerability Description
Tribiq CMS 5.0.12c版本中存在多个目录遍历漏洞,当register_globals被激活且magic_quotes_gpc被中止时,远程攻击者可以借助对(1)masthead.inc.php,(2)toppanel.inc.php,(3)templates/mytribiqsite/tribiq-CL-9000/includes的contact.inc.php;以及对(4)templates/mytribiqsite/tribiq-CL-9000/includes/nlarlist_con
CVSS Information
N/A
Vulnerability Type
N/A