Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Directory traversal vulnerability in modules/aljazeera/admin/setup.php in Arab Portal 2.2 and earlier, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the module parameter.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Arab Portal 'modules/aljazeera/admin/setup.php'脚本 'module' 参数 目录遍历漏洞
Vulnerability Description
Arab Portal的modules/aljazeera/admin/setup.php 中存在目录遍历漏洞。当register_globals 开启和magic_quotes_gpc禁止时,远程攻击者可以借助module参数中的一个".."(dot dot)来包含和执行任意的本地文件。
CVSS Information
N/A
Vulnerability Type
N/A