提交 #467703: FoxCMS <=1.2.0 Auth bypass
| 标题 | FoxCMS <=1.2.0 Auth bypass |
|---|---|
| 描述 | FoxCMS versions ≤1.2 contain an authentication bypass vulnerability in the `/app/api/controller/Site.php` file. An attacker can exploit this vulnerability by sending a specially crafted request to the API endpoint, which allows anonymous users to reset the admin's password. |
| 来源 | ⚠️ https:/ |
| 用户 | glzjin (UID 59815) |
| 提交 | 2024-12-22 15時33分 (1 年前) |
| 管理 | 2024-12-22 17時47分 (2 hours later) |
| 状态 | 已接受 |
| VulDB条目 | 289171 [FoxCMS 直到 1.2 API Endpoint Site.php 密码 权限提升] |
| 积分 | 17 |