| Titel | zzcms 2023 Sensitive information leakage |
|---|
| Beschreibung | Attackers do not require any access privileges and can directly access sensitive information such as database addresses, database names, accounts, passwords, etc. by accessing 3/qq-connect2.0/API/com/inc.php. In production environments, this is a very fatal vulnerability. |
|---|
| Quelle | ⚠️ https://github.com/LvZCh/zzcms2023/issues/1 |
|---|
| Benutzer | LVZC (UID 74910) |
|---|
| Einreichung | 20.10.2024 08:50 (vor 2 Jahren) |
|---|
| Moderieren | 23.10.2024 09:52 (3 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 281559 [ZZCMS 2023 inc.php Information Disclosure] |
|---|
| Punkte | 17 |
|---|