Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site request forgery (CSRF) vulnerabilities in Wolf CMS 0.75 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) delete users via the user id number to admin/user/delete; (2) delete pages via the page id number to admin/page/delete; delete the (3) images or (4) themes directory via the directory name to admin/plugin/file_manager/delete, and possibly other directories; or (5) logout the user via a request to admin/login/logout.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Wolf CMS 跨站请求伪造漏洞
Vulnerability Description
Wolf CMS是Wolf CMS团队开发的一套基于PHP的开源内容管理系统(CMS)。该系统提供用户界面、模板、用户管理和权限管理等功能。 Wolf CMS 0.75和早期版本中存在多个跨站请求伪造(CSRF)漏洞。远程攻击者可利用这些漏洞劫持管理员身份验证请求包括(1)通过用户id号删除admin/user/delete目录下的用户(2)通过页面id号删除admin/page/delete下的页面;通过目录名删除admin/plugin/file_manager/delete下的(3)图像或(4)主题
CVSS Information
N/A
Vulnerability Type
N/A