| Titel | Shenzhen Sixun Software Co., Ltd. Sissyun Shanghui 7 Online Business System 4.10.24.3 Unauthorized |
|---|
| Beschreibung | Sissyun Shanghui 7 Online Business System has a user password reset vulnerability, allowing attackers to enumerate usernames and modify the password of any user.
https://github.com/zhangbuneng/Sissyun-Shanghui-7-Unauthorized-password-modificationfication-vulnerability./issues/1#issue-3688839620 |
|---|
| Quelle | ⚠️ https://github.com/zhangbuneng/Sissyun-Shanghui-7-Unauthorized-password-modificationfication-vulnerability./issues/1#issue-3688839620 |
|---|
| Benutzer | yaozhangYiqiyin (UID 81367) |
|---|
| Einreichung | 03.12.2025 08:22 (vor 5 Monaten) |
|---|
| Moderieren | 14.12.2025 13:22 (11 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 336414 [Shenzhen Sixun Software Sixun Shanghui Group Business Management System 4.10.24.3 UpdatePasswordBatch erweiterte Rechte] |
|---|
| Punkte | 17 |
|---|