Enviar #780589: 勾股开源 gougucms v4.08.18 Business Logic Errorsinformación

Título	勾股开源 gougucms v4.08.18 Business Logic Errors
Descripción	Vulnerability Name: Mass Assignment. CWE: CWE-915 Link of project: https://gitee.com/gouguopen/gougucms Description: Mass Assignment in GouguCMS v4.08.18 allows an unauthenticated attacker to elevate privileges to VIP users by injecting the level parameter during the user registration process at the /home/login/reg endpoint.
Fuente	⚠️ https://thinhneee.github.io/posts/gougu-mass-assign/
Usuario	thinhnee (UID 96296)
Sumisión	2026-03-16 03:27 (hace 21 días)
Moderación	2026-03-31 18:01 (16 days later)
Estado	Aceptado
Entrada de VulDB	354429 [gougucms 4.08.18 User Registration Login.php reg_submit level escalada de privilegios]
Puntos	19

Do you need the next level of professionalism?

Upgrade your account now!