漏洞标题
N/A
漏洞描述信息
## 概述
多个PHP远程文件包含漏洞存在于magic photo storage网站中。攻击者可以通过 `_config[site_path]` 参数中的URL利用这些漏洞,执行任意PHP代码。
## 影响版本
未具体说明影响版本。
## 细节
攻击者可以通过以下文件中的 `_config[site_path]` 参数中的URL执行任意PHP代码:
- `admin/` 目录下的以下文件:
- admin_password.php
- add_welcome_text.php
- admin_email.php
- add_templates.php
- admin_paypal_email.php
- approve_member.php
- delete_member.php
- index.php
- list_members.php
- membership_pricing.php
- send_email.php
- `include/` 目录下的以下文件:
- config.php
- db_config.php
- `user/` 目录下的以下文件:
- add_category.php
- add_news.php
- change_catalog_template.php
- couple_milestone.php
- couple_profile.php
- delete_category.php
- index.php
- login.php
- logout.php
- register.php
- upload_photo.php
- user_catelog_password.php
- user_email.php
- user_extend.php
- user_membership_password.php
## 影响
攻击者可以通过控制 `_config[site_path]` 参数中的URL,利用远程文件包含漏洞在目标服务器上执行任意PHP代码,可能导致安全风险,例如数据泄露或服务器被控制等。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
Multiple PHP remote file inclusion vulnerabilities in magic photo storage website allow remote attackers to execute arbitrary PHP code via a URL in the _config[site_path] parameter to (1) admin_password.php, (2) add_welcome_text.php, (3) admin_email.php, (4) add_templates.php, (5) admin_paypal_email.php, (6) approve_member.php, (7) delete_member.php, (8) index.php, (9) list_members.php, (10) membership_pricing.php, or (11) send_email.php in admin/; (12) config.php or (13) db_config.php in include/; or (14) add_category.php, (15) add_news.php, (16) change_catalog_template.php, (17) couple_milestone.php, (18) couple_profile.php, (19) delete_category.php, (20) index.php, (21) login.php, (22) logout.php, (23) register.php, (24) upload_photo.php, (25) user_catelog_password.php, (26) user_email.php, (27) user_extend.php, or (28) user_membership_password.php in user/. NOTE: the include/common_function.php vector is already covered by another candidate from the same date.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
Magic Photo Storage Website 多个PHP远程文件包含漏洞
漏洞描述信息
magic photo storage website中存在多个PHP远程文件包含漏洞。远程攻击者可以借助提交到admin/中的(1)admin_password.php,(2) add_welcome_text.php,(3)admin_email.php,(4)add_templates.php,(5)admin_paypal_email.php,(6)approve_member.php,(7)delete_member.php, (8)index.php,(9)list_members.php,(
CVSS信息
N/A
漏洞类别
授权问题