[KIS-2023-13] ISP 配置 <= 3.2.11(language_edit.php)PHP 代碼插入漏洞

https://seclists.org/fulldisclosure/2023/Dec/2

[KIS-2023-13] ISPConfig <= 3.2.11 (language_edit.php) PHP Code Injection Vulnerability. User input passed through the "records" POST parameter to /admin/language_edit.php is not properly sanitized before being used, allowing injection and execution of arbitrary PHP code. Upgrade to version 3.2.11p1 or later to fix. More info: https://karmainsecurity.com/KIS-2023-13 via Full Disclosure December 13, 2023 at 07:24AM

發佈留言

發佈留言必須填寫的電子郵件地址不會公開。 必填欄位標示為 *