Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in ShopXO 1.2.0. In the UnlinkDir method of the FileUtil.php file, the input parameters are not checked, resulting in input mishandling by the rmdir method. Attackers can delete arbitrary files by using "../" directory traversal.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ShopXO 路径遍历漏洞
Vulnerability Description
ShopXO是一套开源的企业级开源电子商务系统。 ShopXO 1.2.0版本中存在安全漏洞,该漏洞源于在FileUtil.php文件的UnlinkDir方法中,程序没有检查‘input’参数。攻击者可借助目录遍历序列‘../’利用该漏洞删除任意文件。
CVSS Information
N/A
Vulnerability Type
N/A