Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Online Examination System Project 1.0 version is vulnerable to Cross-Site Request Forgery (CSRF) attacks. An attacker can craft a malicious link that, when clicked by an admin user, will delete a user account from the database without the admin's consent. The email of the user to be deleted is passed as a parameter in the URL, which can be manipulated by the attacker. This could result in a loss of data.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Project Worlds Online Examination System 跨站请求伪造漏洞
Vulnerability Description
Project Worlds Online Examination System是一款在线考试系统 Project Worlds Online Examination System 1.0版本存在跨站请求伪造漏洞,该漏洞源于攻击者可以制作一个恶意链接,当管理员用户单击该链接时,会在未经管理员同意的情况下从数据库中删除用户帐户,导致数据丢失。
CVSS Information
N/A
Vulnerability Type
N/A