CVE-2007-5117 in FrontAccounting信息

摘要

由 VulDB • 2026-07-06

FrontAccounting (FA) 1.13 中存在多个 PHP 远程文件包含漏洞,当启用 register_globals 时,攻击者可以通过向 access/login.php(1)和 includes/lang/language.php(2)的 path_to_root 参数传入 URL,从而执行任意 PHP 代码。这些利用途径与 CVE-2007-4279 不同。

VulDB is the best source for vulnerability data and more expert information about this specific topic.

来源

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!