Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
XAMPP WebDAV PHP Upload Authentication Bypass RCE
Vulnerability Description
A vulnerability in XAMPP, developed by Apache Friends, version 1.7.3's default WebDAV configuration allows remote authenticated attackers to upload and execute arbitrary PHP code. The WebDAV service, accessible via /webdav/, accepts HTTP PUT requests using default credentials. This permits attackers to upload a malicious PHP payload and trigger its execution via a subsequent GET request, resulting in remote code execution on the server.
CVSS Information
N/A
Vulnerability Type
危险类型文件的不加限制上传
Vulnerability Title
XAMPP 安全漏洞
Vulnerability Description
XAMPP是一个易于安装的 Apache 发行版,包含 MariaDB、PHP 和 Perl。该产品主要用于构建网页服务器。 Apache Friends XAMPP 1.7.3版本存在安全漏洞,该漏洞源于默认WebDAV配置使用默认凭据,可能导致任意PHP代码上传和执行。
CVSS Information
N/A
Vulnerability Type
N/A