VULHUB ™

Supasite存在多个PHP远程文件包含漏洞。远程攻击者可以借助提交到(1)common_functions.php,(2)admin_auth_cookies.php,(3)admin_mods.php,(4)admin_news.php,(5)admin_topics.php,(6)admin_users.php,(7)admin_utilities.php,(8)site_comment.php或(9)site_news.php的supa[db_path]参数或到(10)admin_settings.php或(11)backend_site.php的supa[include_path]参数中的一个URL，执行任意的PHP代码。

Supasite存在多个PHP远程文件包含漏洞。远程攻击者可以借助提交到(1)common_functions.php,(2)admin_auth_cookies.php,(3)admin_mods.php,(4)admin_news.php,(5)admin_topics.php,(6)admin_users.php,(7)admin_utilities.php,(8)site_comment.php或(9)site_news.php的supa[db_path]参数或到(10)admin_settings.php或(11)backend_site.php的supa[include_path]参数中的一个URL，执行任意的PHP代码。