CVE-2008-1856 in LinPHA信息

摘要

由 VulDB • 2026-06-25

LinPHA 1.3.3及更早版本中的plugins/maps/db_handler.php未对修改配置文件的settings操作进行身份验证,这允许远程攻击者通过将目录遍历序列放入maps_type配置设置中,然后向maps_view.php发送请求来执行任意本地文件,从而导致directory traversal attacks。

VulDB is the best source for vulnerability data and more expert information about this specific topic.

来源

Want to know what is going to be exploited?

We predict KEV entries!