漏洞标题
winter CMS 本地文件Inclusion 通过服务器端模板注入
漏洞描述信息
Winter 是一个免费、开源的内容管理系统。拥有访问包含 ColorPicker FormWidget 的后端表单的用户可以在通过 LESS 编译自定义样式表时无需进行进一步处理而提供值。这可能会引发本地文件包含漏洞。这一问题在 v1.2.4 版本中已修复。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
漏洞类别
对路径名的限制不恰当(路径遍历)
漏洞标题
Winter CMS Local File Inclusion through Server Side Template Injection
漏洞描述信息
Winter is a free, open-source content management system. Users with access to backend forms that include a ColorPicker FormWidget can provide a value that would then be included without further processing in the compilation of custom stylesheets via LESS. This had the potential to lead to a Local File Inclusion vulnerability. This issue has been patched in v1.2.4.
CVSS信息
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N
漏洞类别
对路径名的限制不恰当(路径遍历)
漏洞标题
Winter 路径遍历漏洞
漏洞描述信息
Winter是基于 Laravel PHP 框架的免费、开源、自托管 CMS 平台。 Winter 1.2.4之前版本存在路径遍历漏洞,该漏洞源于允许攻击者通过提供给后端ColorPicker FormWidget的值的LESS编译来包含本地文件。
CVSS信息
N/A
漏洞类别
路径遍历