漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
漏洞
N/A
漏洞信息
Multiple cross-site request forgery (CSRF) vulnerabilities in LetoDMS (formerly MyDMS) 1.7.2 and earlier allow remote attackers to hijack the authentication of administrators for requests that use (1) op/op.EditUserData.php, (2) op/op.UsrMgr.php, (3) out/out.RemoveVersion.php, (4) op/op.RemoveFolder.php, (5) op/op.DefaultKeywords.php, (6) op/op.GroupMgr.php, (7) op/op.FolderAccess.php, (8) op/op.FolderNotify.php, or (9) op.MoveFolder.php in mydms.
漏洞信息
N/A
漏洞
N/A
漏洞
LetoDMS多个跨站请求伪造漏洞
漏洞信息
LetoDMS (产品曾用名MyDMS)的存在多个跨站请求伪造(CSRF)漏洞,远程攻击者可以劫持管理员对使用(1)op/op.EditUserData.php,(2)op/op.UsrMgr.php,(3)out/out.RemoveVersion.php,(4)op/op.RemoveFolder.php,(5)op/op.DefaultKeywords.php,(6)op/op.GroupMgr.php,(7)op/op.FolderAccess.php,(8)op/op.FolderNotify.
漏洞信息
N/A
漏洞
N/A