Submit #244620: lceCMS lceCMS v 2.0.1 逻辑缺陷漏洞info

TitlelceCMS lceCMS v 2.0.1 逻辑缺陷漏洞
DescriptionIceCMS是一个基于Spring Boot + Vue前后端分离的内容管理系统。 IceCMS v2.0.1版本存在逻辑缺陷漏洞(并发),该漏洞源于WEB应用未充分验证用户请求次数。攻击者可对/WebArticle/articles/1000000237/love接口无限制发包,严重可造成网站瘫痪。
Source⚠️ http://x.x.x.x:8082/index.html
User
 YuJiu (UID 59194)
Submission11/28/2023 20:03 (3 years ago)
Moderation11/30/2023 13:36 (2 days later)
StatusAccepted
VulDB entry246438 [Thecosy IceCMS 2.0.1 Like /WebArticle/articles/ improper enforcement of a single, unique action]
Points14

PreviousOverviewNext

Do you need the next level of professionalism?

Upgrade your account now!

n $_SERVER['REMOTE_ADDR'] ?? '0.0.0.0'; } } ?>