Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The installation process for SOPlanning 1.32 and earlier allows remote authenticated users with a prepared database, and access to an existing database with a crafted name, or permissions to create arbitrary databases, or if PHP before 5.2 is being used, the configuration database is down, and smarty/templates_c is not writable to execute arbitrary php code via a crafted database name.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SOPlanning 安全漏洞
Vulnerability Description
SOPlanning是一套免费且开源的在线项目生产和管理工具。 SOPlanning 1.32及之前的版本中的安装过程存在安全漏洞。远程攻击者可借助特制的数据库名利用该漏洞执行任意的php代码。
CVSS Information
N/A
Vulnerability Type
N/A