Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in WonderCMS before 2.5.2. An attacker can create a new session on a web application and record the associated session identifier. The attacker then causes the victim to authenticate against the server using the same session identifier. The attacker can access the user's account through the active session. The Session Fixation attack fixes a session on the victim's browser, so the attack starts before the user logs in.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
WonderCMS 安全漏洞
Vulnerability Description
WonderCMS是一套基于PHP的内容管理系统(CMS)。 WonderCMS 2.5.2版本中存在安全漏洞。攻击者可通过在Web应用程序上创建一个新的会话并记录下关联的会话标识符,然后诱使用户使用同一个会话标识符进行身份验证利用该漏洞访问用户的账户。
CVSS Information
N/A
Vulnerability Type
N/A