Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
RunCMS 2M1, when running with certain error_reporting levels, allows remote attackers to obtain sensitive information via (1) the op[] parameter to modules/contact/index.php or (2) uid[] parameter to userinfo.php, which leaks the installation path in an error message when these parameters are used in a call to the preg_match function.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
RunCMS 2M1信息泄露漏洞
Vulnerability Description
RunCMS是国外的一个开源CMS,功能上包含了建站所需要的大部分功能。 当RunCMS 2M1在某个error_reporting级别上运行时,远程攻击者可以借助preg_match函数中运行时调用的参数(1) modules/contact/index.php的op[]参数或(2) userinfo.php的uid[]参数,获得安装路径信息。
CVSS Information
N/A
Vulnerability Type
N/A