Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site request forgery (CSRF) vulnerabilities in SocialCMS 1.0.2 allow remote attackers to hijack the authentication of administrators for requests that (1) add administrator accounts via a member_new action to my_admin/admin1_members.php or (2) modify the default site title via a save action to my_admin/admin1_configuration.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SocialCMS 多个跨站请求伪造漏洞
Vulnerability Description
SocialCMS是一个免费和开源的内容管理软件。 SocialCMS 1.0.2版本中存在多个跨站请求伪造(CSRF)漏洞。远程攻击者可利用这些漏洞通过劫持管理员身份验证(1)my_admin/admin1_members.php脚本中的member_new操作添加用户账户或(2)my_admin/admin1_configuration.php脚本的保存操作修改默认站点标题的请求。
CVSS Information
N/A
Vulnerability Type
N/A