Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cicoandcico CcMail 1.0.1 and earlier does not verify that the this_cookie cookie corresponds to an authenticated session, which allows remote attackers to obtain access to the "admin area" via a modified this_cookie cookie.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
CcMail Cookie 安全绕过漏洞
Vulnerability Description
Cicoandcico CcMail 1.0.1 及其早期版本并不会校验出this_cookie cookie相应的一个授权会话,远程攻击者通过一个修改的this_cookie cookie来获得"管理区域"的访问权。
CVSS Information
N/A
Vulnerability Type
N/A