Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site request forgery (CSRF) vulnerabilities in Oxwall 1.7.0 (build 7907 and 7906) and SkaDate Lite 2.0 (build 7651) allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks or possibly have other unspecified impact via the (1) label parameter to admin/users/roles/, (2) lang[1][base][questions_account_type_5615100a931845eca8da20cfdf7327e0] in an AddAccountType action or (3) qst_name parameter in an addQuestion action to admin/questions/ajax-responder/, or (4) form_name or (5) restrictedUsername parameter to admin/restricted-usernames.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Oxwall和SkaDate Lite 跨站请求伪造漏洞
Vulnerability Description
Oxwall是Oxwall基金会的一套免费、开源的、基于PHP和MySQL的社区软件平台,它可通过后台管理系统来控制用户和任意内容、查看统计、管理广告等。Skalfa SkaDate Lite是Skalfa公司的一套开源的建站工具,它可创建交友网站,并支持第三方扩展、项目定制等。 Oxwall 1.7.0 (build 7907和7906)版本和SkaDate Lite 2.0 (build 7651)版本中存在跨站请求伪造漏洞,该漏洞源于admin/users/roles/ URL没有充分过滤‘labe
CVSS Information
N/A
Vulnerability Type
N/A