Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Ovidentia version 8.4.3 and earlier contains a Unsanitized User Input vulnerability in utilit.php, bab_getAddonFilePathfromTg that can result in Authenticated Remote Code Execution. This attack appear to be exploitable via The attacker must have permission to upload addons.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Ovidentia 安全漏洞
Vulnerability Description
Ovidentia是法国CANTICO团队开发的一套基于PHP和MySQL的开源内容管理系统和协作平台,它可用于发布和管理项目、出版和文章管理、日程共享等。 Ovidentia?8.4.3及之前版本中的utilit.php文件存在安全漏洞,该漏洞源于程序未过滤用户的输入。远程攻击者可借助‘bab_getAddonFilePathfromTg’函数利用该漏洞执行代码。
CVSS Information
N/A
Vulnerability Type
N/A