Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site request forgery (CSRF) vulnerabilities in oBlog allow remote attackers to hijack the authentication of administrators for requests that (1) change the admin password, (2) force an admin logout, (3) change the visibility of posts, (4) remove links, and (5) change the name fields of a blog.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Dootzky oBlog多个跨站请求伪造漏洞
Vulnerability Description
Oblog是一套经过完善设计的多用户博客建站程序,是Windows NT服务环境下多用户博客程序的最佳解决方案。精心设计的架构与功能机制,适合从个人到企业各方面应用的要求,为您提供一个安全、稳定、高效、易用而快捷的博客系统。分免费版和商业版等不同版本。 oBlog存在多个跨站请求伪造漏洞。远程攻击者可以借助劫持管理员用户的认证请求,(1) 修改管理员密码, (2) 强迫管理员注销, (3) 改变权限, (4) 删除链接以及(5) 改变博客的域名.
CVSS Information
N/A
Vulnerability Type
N/A