NotFTP config.php本地文件包含漏洞

BUGTRAQ ID: 34636 CVECAN ID: CVE-2009-1407 NotFTP是用PHP编写的基于Web的HTTP-FTP网关。 NotFTP的config.php脚本没有正确地过滤用户所提交的参数，如果远程攻击者在提交的URL请求中使用newlang参数指定了本地系统的恶意文件的话，就可能在Web服务器上读取敏感信息或执行任意代码。以下是config.php脚本中的有漏洞代码段： if isset$newlang requireonce"lib/lang/".$languages$newlang"file"; elseif...

NotFTP Detection

This host is running NotFTP, a Web-based HTTP-FTP gateway written in PHP. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

NotFTP Detection

This host is running NotFTP, a Web-based HTTP-FTP gateway written in PHP. OpenVAS Vulnerability Test $Id: notftpdetect.nasl 5737 2017-03-27 14:18:12Z cfi $ NotFTP Detection Authors: Michael Meyer Copyright: Copyright c 2009 Greenbone Networks GmbH This program is free software; you can redistribu...