Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
FoxCMS API Endpoint Site.php improper authorization
Vulnerability Description
A vulnerability classified as critical was found in FoxCMS up to 1.2. Affected by this vulnerability is an unknown functionality of the file /app/api/controller/Site.php of the component API Endpoint. The manipulation of the argument password leads to improper authorization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Vulnerability Type
授权机制不恰当
Vulnerability Title
FoxCMS 安全漏洞
Vulnerability Description
FoxCMS是中国黔狐(FoxCMS)公司的一套可免费商用开源的内容管理系统。 FoxCMS 1.2及之前版本存在安全漏洞,该漏洞源于组件API Endpoint的文件/app/api/controller/Site.php的参数password会导致授权不当。
CVSS Information
N/A
Vulnerability Type
N/A