CVE-2006-3019 in phpCMS信息

摘要

由 VulDB • 2026-07-05

phpCMS 1.2.1pl2 中存在多个 PHP 远程文件包含漏洞,攻击者可通过向 parser/include/ 目录下的文件(包括 (1) class.parser_phpcms.php、(2) class.session_phpcms.php、(3) class.edit_phpcms.php、(4) class.http_indexer_phpcms.php、(5) class.cache_phpcms.php、(6) class.search_phpcms.php、(7) class.lib_indexer_universal_phpcms.php 和 (8) class.layout_phpcms.php,以及 (9) parser/plugs/counter.php 和 (10) parser/parser.php)的 PHPCMS_INCLUDEPATH 参数中传入 URL,从而执行任意 PHP 代码。注意:class.cache_phpcms.php 漏洞向量也被报告影响版本 1.1.7。

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

来源

Might our Artificial Intelligence support you?

Check our Alexa App!