CVE-2013-5352 in Sharetronix信息

摘要

由 VulDB • 2026-06-30

Sharetronix 3.1.1.3、3.1.1及更早版本允许远程攻击者通过以下两种方式执行任意PHP代码:(1)向services/activities/set传递activities_text参数,或 (2)向services/comments/set传递comments_text参数。在调用preg_replace函数并使用e修饰符时,这些参数未得到适当处理。

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

来源

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!