Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
FoF Pretty Mail 1.1.2 Local File Inclusion via Email Template Settings
Vulnerability Description
FoF Pretty Mail 1.1.2 contains a local file inclusion vulnerability that allows administrative users to include arbitrary server files in email templates. Attackers can exploit the template settings by inserting file inclusion payloads to read sensitive system files like /etc/passwd during email generation.
CVSS Information
N/A
Vulnerability Type
PHP程序中Include/Require语句包含文件控制不恰当(PHP远程文件包含)
Vulnerability Title
Pretty Mail by FriendsOfFlarum 安全漏洞
Vulnerability Description
Pretty Mail by FriendsOfFlarum是Friends of Flarum开源的一个允许您为电子邮件制作自定义html模板的工具。 Pretty Mail by FriendsOfFlarum 1.1.2版本存在安全漏洞,该漏洞源于电子邮件模板中存在本地文件包含,可能导致读取敏感系统文件。
CVSS Information
N/A
Vulnerability Type
N/A