Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Acidcat CMS 3.5.x does not prevent access to install.asp after installation finishes, which might allow remote attackers to restart the installation process and have unspecified other impact via requests to install.asp and other install_*.asp scripts. NOTE: the final installation screen states "Important: you must now delete all files beginning with 'install' from the root directory."
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Acidcat CMS 'install.asp'脚本权限许可和访问控制漏洞
Vulnerability Description
Acidcat CMS是可以通过浏览器被执行的网站和简单的管理系统。 Acidcat CMS 没有在安装完成以后阻止对“install.asp”的访问,允许远程攻击者通过对“install.asp”和其它“install_*.asp” 脚本的请求重新启动安装进程并造成其他未明影响。注意:最终安装状态显示“重点:你必须立刻从根目录删除所有以“install”开头的文件。”
CVSS Information
N/A
Vulnerability Type
N/A