Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site request forgery (CSRF) vulnerability in the del_block function in modules/Admin/block.php in Nuked-Klan 1.7.5 and earlier and 1.7 SP4.2 allows remote attackers to delete arbitrary "blocks" via a link with a modified bid parameter in a del_block op on the block page in index.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Nuked-Klan 'block.php'跨站请求伪造(CSRF) 漏洞
Vulnerability Description
Nuked-Klan 1.7.5及之前版本和1.7 SP4.2中的modules/Admin/block.php的del_block 函数存在跨站请求伪造(CSRF) 漏洞。 远程攻击者可以借助index.php中block页上del_block op中的bid参数经过修改的链接,删除任意"block"。
CVSS Information
N/A
Vulnerability Type
N/A