Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In Apache Allura before 1.8.0, unauthenticated attackers may retrieve arbitrary files through the Allura web application. Some webservers used with Allura, such as Nginx, Apache/mod_wsgi or paster may prevent the attack from succeeding. Others, such as gunicorn do not prevent it and leave Allura vulnerable.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Apache Allura 安全漏洞
Vulnerability Description
Apache Allura是美国阿帕奇(Apache)软件基金会的一套基于Web并集成了软件工具和协作软件开发的平台。 Apache Allura 1.8.0之前版本中存在安全漏洞。攻击者可借助Allura Web应用程序利用该漏洞检索任意文件。
CVSS Information
N/A
Vulnerability Type
N/A