Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
CMS Chainuk 1.2 and earlier allows remote attackers to obtain sensitive information via (1) a crafted id parameter to index.php or (2) a nonexistent folder name in the id parameter to admin/admin_delete.php, which reveals the installation path in an error message.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cms.Tut.Su CMS Chainuk 'index.php,admin_delete.php'信息泄露漏洞
Vulnerability Description
CMS Chainuk 1.2以及之前版本允许远程攻击者借助(1)为index.php提交特制的ID参数或者(2)为admin/admin_delete.php提交不存在的文件夹名称使页面报错来获取敏感信息。后者会以错误的信息显示安装路径。
CVSS Information
N/A
Vulnerability Type
N/A