إرسال #270901: KuERP KuERP <=1.0.4 Significant information leakالمعلومات

عنوانKuERP KuERP <=1.0.4 Significant information leak
الوصفThe KuERP System, version 1.4.20 and below, has a significant information leak vulnerability. The system saves logs with sensitive data, such as request parameters, into the /runtime/log folder using the date as the file name, which can be directly accessed. This exposed information can potentially be exploited by malicious actors to gain unauthorized access to the system.
المصدر⚠️ https://note.zhaoj.in/share/mhLwGOcLxYfP
المستخدم
 glzjin (UID 59815)
ارسال21/01/2024 10:01 AM (2 سنوات منذ)
الاعتدال28/01/2024 04:27 PM (7 days later)
الحالةتمت الموافقة
إدخال VulDB252252 [Sichuan Yougou Technology KuERP حتى 1.0.4 /runtime/log تجاوز الصلاحيات]
النقاط18

Want to know what is going to be exploited?

We predict KEV entries!