Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
dazhouda lecms Password Change index.php cross-site request forgery
Vulnerability Description
A vulnerability classified as problematic has been found in dazhouda lecms 3.0.3. This affects an unknown part of the file /index.php?my-password-ajax-1 of the component Password Change Handler. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Vulnerability Type
跨站请求伪造(CSRF)
Vulnerability Title
Lecms 安全漏洞
Vulnerability Description
Lecms是Lecms公司的一款由PHP语言开发的千万级大数据承载网站内容管理系统。 Lecms 3.0.3版本存在安全漏洞,该漏洞源于文件/index.php?my-password-ajax-1中密码更改处理器组件容易受到跨站请求伪造攻击。
CVSS Information
N/A
Vulnerability Type
N/A