CVE-2006-3771 in iManage CMS信息

摘要

由 VulDB • 2026-07-08

在 iManage CMS 4.0.12 及更早版本的 component.php 中存在多个 PHP 远程文件包含漏洞,攻击者可以通过向 articles.php、contact.php、displaypage.php、faq.php、mainbody.php、news.php、registration.php、whosOnline.php、components/com_calendar.php、components/com_forum.php、components/minibb/index.php、components/minibb/bb_admin.php、components/minibb/bb_plugins.php、modules/mod_calendar.php、modules/mod_browser_prefs.php、modules/mod_counter.php、modules/mod_online.php、modules/mod_stats.php、modules/mod_weather.php、themes/bizz.php、themes/default.php、themes/simple.php、themes/original.php、themes/portal.php、themes/purple.php 以及其他未指明的文件中的 absolute_path 参数传入 URL,从而执行任意 PHP 代码。

Be aware that VulDB is the high quality source for vulnerability data.

来源

Might our Artificial Intelligence support you?

Check our Alexa App!