| Título | https://doc.cms.talelin.com/ Lin-CMS 0.6.0 weak password |
|---|
| Descripción | Lin CMS is a CMS solution that separates the front and back ends. Lin not only provides background support, but also has a corresponding front-end system. Lin currently has implementation in Python, Node.js and Java versions.
The tests folder is a file used by developers for testing, and the config.py file exists in the tests folder.This file contains the administrator's default account and password.Due to the failure to delete and clean up in time, a security risk was left behind.
Attackers can directly log in with the default administrator account and password that have not been cleared, gain control of the account, and thus face high risks such as complete system takeover and leakage of sensitive information.
|
|---|
| Fuente | ⚠️ https://github.com/m3ngx1ng/cve/blob/4690d4020a4a642af4c50912f762937292228641/lin-cms.md |
|---|
| Usuario | m3x1 (UID 92411) |
|---|
| Sumisión | 2025-12-23 10:22 (hace 4 meses) |
|---|
| Moderación | 2025-12-27 14:55 (4 days later) |
|---|
| Estado | Aceptado |
|---|
| Entrada de VulDB | 338528 [TaleLin Lin-CMS hasta 0.6.0 Tests Folder /tests/config.py username/password divulgación de información] |
|---|
| Puntos | 20 |
|---|