Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site request forgery (CSRF) vulnerability in Snowfox CMS before 1.0.10 allows remote attackers to hijack the authentication of administrators for requests that add a new admin account via a submit action in the admin/accounts/create uri to snowfox/.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Globiz Solutions Snowfox CMS‘admin/accounts/create’跨站请求伪造漏洞
Vulnerability Description
Globiz Solutions Snowfox CMS是澳大利亚Globiz Solutions公司的一套开源的内容管理系统(CMS)。该系统支持网站用户根据权限配置来创建和共享内容、自定义内容结构以及创建自定义字段等。 Globiz Solutions Snowfox CMS 1.0及之前版本中存在跨站请求伪造漏洞。远程攻击者可借助admin/accounts/create URI中的submit操作利用该漏洞添加新的管理员账户。
CVSS Information
N/A
Vulnerability Type
N/A