| عنوان | gitee warehouseManager 1.0 Authentication Bypass Issues |
|---|
| الوصف | Gitee URL:https://gitee.com/yangshare/warehouseManager
The warehouseManager system has an authentication bypass vulnerability. Attackers can bypass the authentication system to make unauthorized queries to relevant sensitive interfaces.
The system has incorrect permission configurations for some public interfaces, such as those under /css/, /js/, /fonts/, and /media/. When requests to these public paths are constructed using (or by concatenating) special characters like ';' or '#', it's possible to bypass the authentication for other interfaces. |
|---|
| المصدر | ⚠️ https://github.com/sumingwjl/cve/issues/1 |
|---|
| المستخدم | KobayashiSM (UID 85236) |
|---|
| ارسال | 13/05/2025 12:07 PM (12 أشهر منذ) |
|---|
| الاعتدال | 25/05/2025 08:56 AM (12 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 310251 [yangshare 技术杨工 warehouseManager 仓库管理系统 1.0 تجاوز الصلاحيات] |
|---|
| النقاط | 20 |
|---|