Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple directory traversal vulnerabilities in GenCMS 2006 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) p parameter to show.php and the (2) Template parameter to admin/pages/SiteNew.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
GenCMS目录遍历漏洞
Vulnerability Description
GenCMS 是一个小型CMS(内容管理系统)。 GenCMS 2006版本中存在多个目录遍历漏洞。攻击者首先需要上传一个恶意文件或注入任意指令到现有的文件,然后通过使用“p”或step参数,来发送一个特制的URL请求到how.php和SiteNew.php脚本,以便确定一个来自本地系统的恶意文件。成功利用此漏洞可以在易受攻击的web服务器上获取敏感信息或执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A