Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site request forgery (CSRF) vulnerabilities in Limny 2.0 allow remote attackers to (1) hijack the authentication of users or administrators for requests that change the email address or password via the user action to index.php, and (2) hijack the authentication of the administrator for requests that create a new user via the admin/modules/user/new action to limny/index.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Limny多个跨站请求伪造漏洞
Vulnerability Description
Limny存在多个跨站请求伪造漏洞。远程攻击者可以借助(1)脚本index.php操作中的user操作挟持用户的认证或管理员修改email地址或密码的请求;(2)脚本limny/index.php的admin/modules/user/new操作挟持管理员创建新用户的权限。
CVSS Information
N/A
Vulnerability Type
N/A