漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
ElkArte Forum 1.1.9 Authenticated Remote Code Execution via Theme Upload
Vulnerability Description
ElkArte Forum 1.1.9 contains a remote code execution vulnerability that allows authenticated administrators to upload malicious PHP files through the theme installation process. Attackers can upload a ZIP archive with a PHP file containing system commands, which can then be executed by accessing the uploaded file in the theme directory.
CVSS Information
N/A
Vulnerability Type
危险类型文件的不加限制上传
Vulnerability Title
Elkarte 代码问题漏洞
Vulnerability Description
Elkarte是ElkArte开源的一个论坛软件。 Elkarte 1.1.9版本存在代码问题漏洞,该漏洞源于主题安装过程中存在PHP文件上传,可能导致执行系统命令。
CVSS Information
N/A
Vulnerability Type
N/A