Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site request forgery (CSRF) vulnerability in the cpass functionality in an admin action in index.php in XCMS allows remote attackers to change arbitrary passwords via certain password_ and rpassword_ parameters, possibly related to timestamp values.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Xcms Xcms 跨站请求伪造漏洞
Vulnerability Description
XCMS中index.php的一个管理操作中的cpass函数存在跨站请求伪造漏洞,远程攻击者可以借助特定password_和rpassword_ 参数改变任意密码,该漏洞可能与timestamp值相关。
CVSS Information
N/A
Vulnerability Type
N/A