Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
admin/index.php in Evilsentinel 1.0.9 and earlier sends a redirect to the web browser but does not exit, which allows remote attackers to gain administrative privileges and make arbitrary configuration changes.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Evilsentinel 'admin/index.php' 权限许可和访问控制漏洞
Vulnerability Description
Evilsentinel 1.0.9以及之前版本中的admin/index.PHP在不退出浏览器的条件下发送一个直接重定向请求到web浏览器,这使得远程攻击者可以获得管理员特权和修改任意的配置。
CVSS Information
N/A
Vulnerability Type
N/A