Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The registration view (/user/register) in eZ Publish 3.5.6 and earlier, and possibly other versions before 3.9.5, 3.10.1, and 4.0.1, allows remote attackers to gain privileges as other users via modified ContentObjectAttribute_data_user_login_30, ContentObjectAttribute_data_user_password_30, and other parameters.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Ez_Systems eZ Publish '/user/register'远程特权扩大漏洞
Vulnerability Description
EZ Publish 3.5.6和更早版本,以及可能3.9.5,3.10.0和4.0.1之前的其他版本中的registration view(/user/register)允许远程攻击者借助修改过的ContentObjectAttribute_data_user_login_30,ContentObjectAttribute_data_user_password_30和其他参数获得其他用户特限。
CVSS Information
N/A
Vulnerability Type
N/A