漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
漏洞
WebPageTest Arbitrary PHP File Upload RCE
漏洞信息
WebPageTest version 2.6 and earlier contains an arbitrary file upload vulnerability in the resultimage.php script. The application fails to validate or sanitize user-supplied input before saving uploaded files to a publicly accessible directory. This flaw allows remote attackers to upload and execute arbitrary PHP code, resulting in full remote code execution under the web server context.
漏洞信息
N/A
漏洞
危险类型文件的不加限制上传
漏洞
Catchpoint Systems WebPageTest 安全漏洞
漏洞信息
Catchpoint Systems WebPageTest是Catchpoint Systems开源的一个测试和分析网页性能的工具。 WebPageTest 2.6及之前版本存在安全漏洞,该漏洞源于resultimage.php脚本未验证上传文件,可能导致任意文件上传和远程代码执行。
漏洞信息
N/A
漏洞
N/A