| शीर्षक | Inis Inis blog system ≤v2.0.1 Arbitrary File Read |
|---|
| विवरण | An Arbitrary File Read vulnerability has been discovered in the Inis Blog System's 'File.php' script, affecting versions up to 2.0.1. The flaw, identified by researcher glzjin, allows an attacker to read sensitive files on the server, such as '/etc/passwd', by exploiting inadequate input validation in the file path parameter of a cURL request. Users can be compromised by a simple crafted GET request, making it a critical security issue that requires immediate attention and patching. |
|---|
| स्रोत | ⚠️ https://note.zhaoj.in/share/VYx8H9u8gyHw |
|---|
| उपयोगकर्ता | glzjin (UID 59815) |
|---|
| सबमिशन | 05/01/2024 09:49 AM (2 साल पहले) |
|---|
| संयम | 09/01/2024 02:49 PM (4 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 250109 [Inis तक 2.0.1 GET Request File.php path सूचना का प्रकटीकरण] |
|---|
| अंक | 20 |
|---|