Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site request forgery (CSRF) vulnerability in default.asp in ASPCode CMS 1.5.8, 2.0.0 Build 103, and possibly other versions, allows remote attackers to hijack the authentication of an administrator for requests that (1) delete users via the delete action in the ma2 parameter or (2) create administrators via the update action in the ma2 parameter.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ASPCode CMS 跨站请求伪造漏洞
Vulnerability Description
ASPCode CMS是一个网站内容管理系统,使任何人都能够快速创建和管理网站。 ASPCode CMS 的default.asp脚本存在跨站请求伪造漏洞。远程攻击者可以借助 ma2参数的删除或者更新操作,挟持一个管理员用户的请求认证。
CVSS Information
N/A
Vulnerability Type
N/A