Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Enalean Tuleap before 7.5.99.6 allows remote attackers to execute arbitrary commands via the User-Agent header, which is provided to the passthru PHP function.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Enalean Tuleap 输入验证漏洞
Vulnerability Description
Enalean Tuleap是法国Enalean公司的一套开源的软件开发和项目管理工具。该工具提供企业应用程序生命周期管理,以及项目跟踪、源代码管理和团队协作等功能。 Enalean Tuleap 7.5.99.5及之前版本中存在安全漏洞,该漏洞源于‘passthru PHP’函数没有充分过滤User-Agent头。远程攻击者可利用该漏洞执行任意命令。
CVSS Information
N/A
Vulnerability Type
N/A