| Titel | Junnan Wang and his team Dreamer CMS 4.1.3 Common users have administrator rights |
|---|
| Beschreibung | As an ordinary account, it should not have the permission to delete attachments, forms and variables, and attackers can delete important files of the system through ordinary accounts.Common users have excessive permissions |
|---|
| Quelle | ⚠️ https://github.com/sweatxi/BugHub/blob/main/dreamer_Excessive_authority.pdf |
|---|
| Benutzer | hexixi (UID 59932) |
|---|
| Einreichung | 22.03.2024 21:16 (vor 2 Jahren) |
|---|
| Moderieren | 30.03.2024 07:36 (7 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 258779 [Dreamer CMS bis 4.1.3 Attachment erweiterte Rechte] |
|---|
| Punkte | 16 |
|---|