Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site request forgery (CSRF) vulnerability in Xavoc Technocrats xEpan CMS 1.0.4.1, 1.0.4, 1.0.1, and earlier allows remote attackers to hijack the authentication of administrators for requests that create new administrative accounts via a crafted request to the owner/users page.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Xavoc xEpan CMS 跨站请求伪造漏洞
Vulnerability Description
Xavoc xEpan CMS是印度Xavoc公司的一套开源的基于PHP的内容管理系统(CMS)。该系统提供电子商务、产品目录和幻灯片放映等模块。 Xavoc xEpan CMS中存在跨站请求伪造漏洞。远程攻击者可通过向owner/users页面发送特制请求利用该漏洞创建新的管理账户。以下版本受到影响:Xavoc xEpan CMS 1.0.4.1版本,1.0.4版本,1.0.1及之前版本。
CVSS Information
N/A
Vulnerability Type
N/A