Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Local File Inclusion (LFI) leading to sensitive data exposure
Vulnerability Description
Local File Inclusion (LFI) vulnerability in a Render function of Formulatrix Rock Maker Web (RMW) allows a remote attacker to obtain sensitive data via arbitrary code execution. A malicious actor could execute malicious scripts to automatically download configuration files in known locations to exfiltrate data including credentials, and with no rate limiting a malicious actor could enumerate the filesystem of the host machine and potentially lead to full host compromise. This issue affects Rock Maker Web: from 3.2.1.1 and later
CVSS Information
N/A
Vulnerability Type
PHP程序中Include/Require语句包含文件控制不恰当(PHP远程文件包含)
Vulnerability Title
Formulatrix Rock Maker Web 安全漏洞
Vulnerability Description
Formulatrix Rock Maker Web是Formulatrix公司的一款应用程序。适用于平板电脑,支持常见的平板电脑手势,旨在让您用指尖完成工作。 Formulatrix Rock Maker Web 3.2.1.1及之前版本存在安全漏洞,该漏洞源于Render函数存在本地文件包含,可能导致获取敏感数据或执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A