| Título | Junnan Wang and his team Dreamer CMS 4.1.3 Common users have administrator rights |
|---|
| Descripción | As an ordinary account, it should not have the permission to delete attachments, forms and variables, and attackers can delete important files of the system through ordinary accounts.Common users have excessive permissions |
|---|
| Fuente | ⚠️ https://github.com/sweatxi/BugHub/blob/main/dreamer_Excessive_authority.pdf |
|---|
| Usuario | hexixi (UID 59932) |
|---|
| Sumisión | 2024-03-22 21:16 (hace 2 años) |
|---|
| Moderación | 2024-03-30 07:36 (7 days later) |
|---|
| Estado | Aceptado |
|---|
| Entrada de VulDB | 258779 [Dreamer CMS hasta 4.1.3 Attachment escalada de privilegios] |
|---|
| Puntos | 16 |
|---|