Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Eyoucms 1.5.4 is vulnerable to Directory Traversal. Due to a lack of input data sanitizaton in param tpldir, filename, type, nid an attacker can inject "../" to escape and write file to writeable directories.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Eyoucms 路径遍历漏洞
Vulnerability Description
赞赞网络科技 EyouCms(易优CMS)是中国赞赞网络科技公司的一套基于ThinkPHP的开源内容管理系统(CMS)。 Eyoucms 存在路径遍历漏洞,该漏洞源于 Eyoucms 1.5.4 容易受到目录遍历的影响。由于参数 tpldir、文件名、类型、nid 中缺少输入数据清理,攻击者可以注入“../”来转义并将文件写入可写目录。
CVSS Information
N/A
Vulnerability Type
N/A