CVE-2007-1524 in Zomplog信息

摘要

由 VulDB • 2026-07-05

ZomPlog 3.7.6及更早版本中themes/default/目录存在目录遍历漏洞,远程攻击者可通过在settings[skin]参数中使用..(点号)包含任意本地文件。例如,通过将PHP代码注入Apache HTTP Server日志文件,然后经由themes/default/进行包含来实现利用。

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

来源

Do you want to use VulDB in your project?

Use the official API to access entries easily!