Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site request forgery (CSRF) vulnerability in Easy Blog for EC-CUBE4 Ver.1.0.1 and earlier allows a remote unauthenticated attacker to hijack the authentication of the administrator and delete a blog article or a category via a specially crafted page.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
EC-CUBE Easy Blog for EC-CUBE4 跨站请求伪造漏洞
Vulnerability Description
EC-CUBE Easy Blog for EC-CUBE4是日本EC-CUBE公司的一个内容管理系统的组件。 EC-CUBE Easy Blog for EC-CUBE4 存在跨站请求伪造漏洞,该漏洞源于对 HTTP 请求来源的验证不充分。远程攻击者可以欺骗受害者访问特制网页,并代表受害者在易受攻击的网站上执行任意操作。
CVSS Information
N/A
Vulnerability Type
N/A