漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
XAMPP WebDAV PHP Upload Authentication Bypass RCE
Vulnerability Description
A vulnerability in XAMPP, developed by Apache Friends, version 1.7.3's default WebDAV configuration allows remote authenticated attackers to upload and execute arbitrary PHP code. The WebDAV service, accessible via /webdav/, accepts HTTP PUT requests using default credentials. This permits attackers to upload a malicious PHP payload and trigger its execution via a subsequent GET request, resulting in remote code execution on the server.
CVSS Information
N/A
Vulnerability Type
危险类型文件的不加限制上传
Vulnerability Title
XAMPP 安全漏洞
Vulnerability Description
XAMPP是一个易于安装的 Apache 发行版,包含 MariaDB、PHP 和 Perl。该产品主要用于构建网页服务器。 Apache Friends XAMPP 1.7.3版本存在安全漏洞,该漏洞源于默认WebDAV配置使用默认凭据,可能导致任意PHP代码上传和执行。
CVSS Information
N/A
Vulnerability Type
N/A