Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
codelyfe Stupid Simple CMS Deletion Interface delete.php improper authentication
Vulnerability Description
A vulnerability has been found in codelyfe Stupid Simple CMS up to 1.2.4 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /file-manager/delete.php of the component Deletion Interface. The manipulation of the argument file leads to improper authentication. The exploit has been disclosed to the public and may be used. The identifier VDB-248269 was assigned to this vulnerability.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
Vulnerability Type
认证机制不恰当
Vulnerability Title
Stupid Simple CMS 授权问题漏洞
Vulnerability Description
Stupid Simple CMS是codelyfe个人开发者的一个内容管理系统。 Stupid Simple CMS 1.2.4及之前版本存在授权问题漏洞,该漏洞源于文件/file-manager/delete.php的参数file会导致身份验证不正确。
CVSS Information
N/A
Vulnerability Type
N/A