Submit #467695: Beijing Yunfan Internet Technology Co., Ltd yfexam-exam 1.9.2 interface leakageinfo

TitleBeijing Yunfan Internet Technology Co., Ltd yfexam-exam 1.9.2 interface leakage
DescriptionThe doc.html path in src/main/java/com/yf/exam/config/ShiroConfig.java does not have access permissions set, resulting in unauthorized viewing of all interfaces
Source⚠️ https://github.com/qiutiandefeng/yfexam-exam/issues/4
User
 LVZC (UID 74910)
Submission12/22/2024 02:53 PM (3 months ago)
Moderation01/01/2025 12:31 PM (10 days later)
StatusAccepted
VulDB Entry289925 [Beijing Yunfan Internet Technology Yunfan Learning Examination System 1.9.2 /doc.html improper authorization]
Points15

PreviousOverviewNext

Do you need the next level of professionalism?

Upgrade your account now!