Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Improper Authorization in ThinkSAAS v2.7 allows remote attackers to modify the description of any user's photo via the "photoid%5B%5D" and "photodesc%5B%5D" parameters in the component "index.php?app=photo."
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ThinkSAAS 安全漏洞
Vulnerability Description
ThinkSAAS是一套基于PHP和MySQL的开源社区开发系统。 ThinkSAAS 2.7版本存在安全漏洞,远程攻击者通过组件 index.php?app=photo 中的 photoid%5B%5D 和 photodesc%5B%5D 参数修改任何用户照片的描述。
CVSS Information
N/A
Vulnerability Type
N/A