Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
MODX Revolution Gallery 1.7.0 is affected by: CWE-434: Unrestricted Upload of File with Dangerous Type. The impact is: Creating file with custom a filename and content. The component is: Filtering user parameters before passing them into phpthumb class. The attack vector is: web request via /assets/components/gallery/connector.php.
CVSS Information
N/A
Vulnerability Type
危险类型文件的不加限制上传
Vulnerability Title
MODX Revolution Gallery 代码问题漏洞
Vulnerability Description
MODX Revolution是美国MODX公司的一套基于PHP的开源内容管理系统(CMS)。该系统支持在线协作、搜索引擎优化(SEO)等。MODX Revolution Gallery是MODX Revolution的动态附加库,它能够对图像进行排序,并在网站的前端以多种方式显示。 MODX Revolution Gallery 1.7.0版本中存在代码问题漏洞。攻击者可利用该漏洞创建带有自定义名称和内容的文件。
CVSS Information
N/A
Vulnerability Type
N/A