Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In FineCMS through 2017-07-11, application/core/controller/style.php allows remote attackers to write to arbitrary files via the contents and filename parameters in a route=style action. For example, this can be used to overwrite a .php file because the file extension is not checked.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
FineCMS 安全漏洞
Vulnerability Description
FineCMS是一套使用MVC架构和PDO数据库接口开发的内容管理系统(CMS)。 FineCMS 2017-07-11及之前的版本中的application/core/controller/style.php文件存在安全漏洞。远程攻击者可借助route=style action中的‘contents’和‘filename’参数利用该漏洞写入到任意的文件。
CVSS Information
N/A
Vulnerability Type
N/A