Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site request forgery (CSRF) vulnerabilities in the manage_users handler in admin/index.php in Falt4 CMS (aka Falt4 Extreme) RC4 allow remote attackers to hijack the authentication of administrators for requests that change passwords via the (1) edit and (2) edit_now actions.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Falt4 CMS RC "admin/index.php" 跨站请求伪造漏洞
Vulnerability Description
Falt4 CMS (又称Falt4 Extreme) RC是一个免费的WEB内容管理系统,旨在供中小型站点使用,该系统含有许多模块和一些供日常使用的核心功能。易于使用,即使是没有什么建站经验的人也可以很容易地使用。 Falt4 CMS (又称Falt4 Extreme) 脚本admin/index.php中的manage_users处理程序存在多个跨站请求伪造漏洞。远程攻击者可以借助(1)编辑操作和(2)edit_now操作,劫持管理员请求修改密码的权限。
CVSS Information
N/A
Vulnerability Type
N/A