Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
EGallery 1.2 Arbitrary PHP File Upload
Vulnerability Description
EGallery version 1.2 contains an unauthenticated arbitrary file upload vulnerability in the uploadify.php script. The application fails to validate file types or enforce authentication, allowing remote attackers to upload malicious PHP files directly into the web-accessible egallery/ directory. This results in full remote code execution under the web server context.
CVSS Information
N/A
Vulnerability Type
危险类型文件的不加限制上传
Vulnerability Title
EGallery 安全漏洞
Vulnerability Description
EGallery是美国EGallery公司的一个在线艺术画廊。 EGallery 1.2版本存在安全漏洞,该漏洞源于uploadify.php脚本未验证文件类型或身份验证,可能导致任意文件上传和远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A