漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
漏洞
N/A
漏洞信息
Multiple directory traversal vulnerabilities in dit.cms 1.3, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the path parameter to index.php in (1) install/, (2) menus/left_rightslideopen/, (3) menus/side_pullout/, (4) menus/side_slideopen/, (5) menus/simple/, (6) menus/top_dropdown/, and (7) menus/topside/; the sitemap parameter to index.php in (8) menus/left_rightslideopen/, (9) menus/side_pullout/, (10) menus/side_slideopen/, (11) menus/top_dropdown/, and (12) menus/topside/; and the (13) relPath parameter to index/index.php. NOTE: PHP remote file inclusion vulnerabilities reportedly also exist for some of these vectors.
漏洞信息
N/A
漏洞
N/A
漏洞
dit.cms多个目录遍历漏洞
漏洞信息
dit.cms 1.3中存在多个目录遍历漏洞,当启用register_globals时,远程攻击者可以通过发送给(1)install/,(2)menus /left_rightslideopen/,(3)menus/side_pullout/,(4)menus/side_slideopen/, (5)menus/simple/,(6)menus/top_dropdown/,以及(7)menus/topside/下的index.php的 path参数,以及发送给(8)menus/left_rightslid
漏洞信息
N/A
漏洞
N/A