| عنوان | 1024-lab smart-admin 3.30.0 Exposure of Sensitive System Information to an Unauthorized Cont |
|---|
| الوصف | In the "smart-admin" demo site,The developers failed to implement strict access control, allowing users to directly access the Druid page.Attackers can gain unauthorized access to all SQL statements and sessions in the system. After obtaining the session, they can log into the system backend and expand the damage.
|
|---|
| المصدر | ⚠️ https://github.com/1024-lab/smart-admin/issues/117 |
|---|
| المستخدم | renyu (UID 97219) |
|---|
| ارسال | 14/04/2026 09:25 AM (2 أشهر منذ) |
|---|
| الاعتدال | 29/04/2026 09:17 PM (15 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 360204 [1024-lab smart-admin حتى 3.30.0 Demo Site index.html تجاوز الصلاحيات] |
|---|
| النقاط | 18 |
|---|