Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
NewsPro 1.01 allows remote attackers to gain unauthorized administrator access by setting their authentication cookie to "logged,true".
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
NewsPro 1.01可绕过管理员验证进行访问漏洞
Vulnerability Description
NewsPro是一款小型新闻系统,可使用在多种Linux和Unix操作系统下。 NewsPro 1.01是一款小型新闻系统,可使用在多种Linux和Unix操作系统下。NewsPro 1.01的验证机制存在漏洞,可导致远程攻击者修改Cookie数据无需认证访问系统。攻击者通过构建包含"logged,true"的Cookie数据,就能无需认证以管理员权限访问NewsPro 1.01系统。<*链接:http://www.ifrance.com/kitetoua/tuto/5holes4.txt*>
CVSS Information
N/A
Vulnerability Type
N/A