Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple server-side request forgery (SSRF) vulnerabilities in Yeager CMS 1.2.1 allow remote attackers to trigger outbound requests and enumerate open ports via the dbhost parameter to libs/org/adodb_lite/tests/test_adodb_lite.php, libs/org/adodb_lite/tests/test_datadictionary.php, or libs/org/adodb_lite/tests/test_adodb_lite_sessions.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Yeager CMS 跨站请求伪造漏洞
Vulnerability Description
Yeager CMS是一套开源的内容管理系统(CMS)。 Yeager CMS 1.2.1版本中存在跨站请求伪造漏洞。远程攻击者可通过向多个文件发送‘dbhost’参数利用该漏洞触发越边界请求,枚举打开的端口(多个文件包括:libs/org/adodb_lite/tests/test_adodb_lite.php、libs/org/adodb_lite/tests/test_datadictionary.php、libs/org/adodb_lite/tests/test_adodb_lite_sessi
CVSS Information
N/A
Vulnerability Type
N/A