EDB-4696webappsphp已验证

SerWeb 2.0.0 dev1 2007-02-20 - Multiple Local/Remote File Inclusion Vulnerabilities

GoLd_M12/6/2007

在Exploit-DB查看在GitLab查看源代码

AI分析AI驱动

漏洞利用代码

Exploit code not available in database

在GitLab查看源代码

CVE-2007-6290

NONE

Multiple directory traversal vulnerabilities in js/get_js.php in SERWeb 2.0.0 dev1 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) mod and (2) js parameters.

12/10/2007CWE-22

CVE-2007-6289

NONE

Multiple PHP remote file inclusion vulnerabilities in SerWeb 2.0.0 dev1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) _SERWEB[configdir] parameter to load_lang.

Multiple PHP remote file inclusion vulnerabilities in SerWeb 2.0.0 dev1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) _SERWEB[configdir] parameter to load_lang....

12/10/2007CWE-94