Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Inclusion of Functionality from Untrusted Control Sphere in WPN-XM Serverstack
Vulnerability Description
A local file inclusion vulnerability has been found in WPN-XM Serverstack affecting version 0.8.6, which would allow an unauthenticated user to perform a local file inclusion (LFI) via the /tools/webinterface/index.php?page parameter by sending a GET request. This vulnerability could lead to the loading of a PHP file on the server, leading to a critical webshell exploit.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
从非可信控制范围包含功能例程
Vulnerability Title
WPN-XM Serverstack 安全漏洞
Vulnerability Description
WPN-XM Serverstack是WPN-XM组织的一个用于在 Windows 上开发 PHP 的服务器堆栈。 WPN-XM Serverstack 0.8.6版本存在安全漏洞,该漏洞源于存在本地文件包含漏洞,可能导致在服务器上加载PHP文件,从而导致严重的Webshell攻击。
CVSS Information
N/A
Vulnerability Type
N/A