Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross Site Scripting vulnerability in ITFlow.org before commit v.432488eca3998c5be6b6b9e8f8ba01f54bc12378 allows a remtoe attacker to execute arbitrary code and obtain sensitive information via the settings.php, settings+company.php, settings_defaults.php,settings_integrations.php, settings_invoice.php, settings_localization.php, settings_mail.php components.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ITFlow 跨站请求伪造漏洞
Vulnerability Description
ITFlow是ITFlow开源的一款客户 IT 文档、票务和计费 ERP 软件。 ITFlow commit 432488eca3998c5be6b6b9e8f8ba01f54bc12378之前版本存在跨站请求伪造漏洞。攻击者利用该漏洞可以更改系统设置。
CVSS Information
N/A
Vulnerability Type
N/A