漏洞标题
此段内容似乎是描述了一个技术问题,特别是与一个航空公司预订系统的源代码相关的问题。这段英文可能是描述了在管理类(admin_class.php)中的“save_settings”函数中存在未受限制的上传漏洞。以下是中文翻译:
航空公司预订系统源代码中,`admin_class.php`文件的`sava_settings`函数存在不受限制的上传问题。
漏洞描述信息
在Airline Reservation System 1.0的源代码中发现了一个漏洞,已经被评为严重级别。本问题影响文件admin/admin_class.php中名为save_settings的功能。通过操控参数img,会导致无限制的文件上传。该攻击可远程发动。该漏洞已被公开披露并可能被利用。此漏洞的标识符为VDB-273626。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
漏洞类别
危险类型文件的不加限制上传
漏洞标题
itsourcecode Airline Reservation System admin_class.php save_settings unrestricted upload
漏洞描述信息
A vulnerability was found in itsourcecode Airline Reservation System 1.0. It has been rated as critical. Affected by this issue is the function save_settings of the file admin/admin_class.php. The manipulation of the argument img leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-273626 is the identifier assigned to this vulnerability.
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
漏洞类别
危险类型文件的不加限制上传
漏洞标题
itsourcecode Airline Reservation System 代码问题漏洞
漏洞描述信息
itsourcecode Airline Reservation System是itsourcecode公司的一个航空预订系统。 itsourcecode Airline Reservation System 1.0版本存在代码问题漏洞,该漏洞源于对参数img的错误操作会导致文件无限制上传。
CVSS信息
N/A
漏洞类别
代码问题