Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
October CMS build 412 is vulnerable to PHP object injection in asset move functionality resulting in ability to delete files limited by file permissions on the server.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
October CMS 安全漏洞
Vulnerability Description
October CMS是加拿大软件开发者Alexey Bobkov和澳大利亚软件开发者Samuel Georges共同研发的一套开源的、自托管的建立在Laravel PHP框架基础上的内容管理系统(CMS)。 October CMS build 412版本中的asset move功能存在PHP对象注入漏洞。攻击者可利用该漏洞删除受限制的文件。
CVSS Information
N/A
Vulnerability Type
N/A