Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Elcomplus SmartPTT SCADA Server Cross-site Request Forgery
Vulnerability Description
Elcomplus SmartPTT SCADA Server web application does not, or cannot, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
Vulnerability Type
信息暴露
Vulnerability Title
Elcomplus SmartPPT 跨站请求伪造漏洞
Vulnerability Description
Elcomplus SmartPPT是美国Elcomplus公司的一个集成语音和数据调度软件。 Elcomplus SmartPPT存在跨站请求伪造漏洞,该漏洞源于Web 应用程序不能或不能充分验证提交请求的用户是否故意提供了格式正确、有效、一致的请求。攻击者可能会诱使客户端向 Web 服务器发出无意的请求导致数据泄露或意外的代码执行。
CVSS Information
N/A
Vulnerability Type
N/A