| عنوان | NODERP NODERP <=6.0.2 Sensitive information leakage |
|---|
| الوصف | The NODERP System, versions up to and including V6.0.2, has a sensitive information leakage vulnerability. The system stores logs in the /runtime/log directory using date as the filename, which can be directly accessed. These logs contain all parameters from the requests made to the system, potentially including sensitive user data. This information could be exploited by an unauthorized individual to gain access to the system. |
|---|
| المصدر | ⚠️ https://note.zhaoj.in/share/M9ERphWTXUPj |
|---|
| المستخدم | glzjin (UID 59815) |
|---|
| ارسال | 22/01/2024 03:54 AM (2 سنوات منذ) |
|---|
| الاعتدال | 29/01/2024 08:03 AM (7 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 252274 [Shanxi Diankeyun Technology NODERP حتى 6.0.2 /runtime/log تجاوز الصلاحيات] |
|---|
| النقاط | 19 |
|---|