Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site request forgery (CSRF) vulnerability in application/modules/admin/controllers/users.php in Tomaz Muraus Open Blog 1.2.1, and possibly earlier, allows remote attackers to hijack the authentication of administrators for requests to admin/users/edit that grant administrative privileges.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Tomaz Muraus Open Blog 'application/modules/admin/controllers/users.php'跨站请求伪造漏洞
Vulnerability Description
Tomaz Muraus Open Blog 1.2.1和之前的版本中的application/modules/admin/controllers/users.php存在多个跨站请求伪造(CSRF)漏洞。远程攻击者可以借助授予admin/users/edit管理权限的请求劫持管理员认证。
CVSS Information
N/A
Vulnerability Type
N/A