Soumettre #303196: Junnan Wang and his team Dreamer CMS 4.1.3 Common users have administrator rightsinformation

TitreJunnan Wang and his team Dreamer CMS 4.1.3 Common users have administrator rights
DescriptionAs an ordinary account, it should not have the permission to delete attachments, forms and variables, and attackers can delete important files of the system through ordinary accounts.Common users have excessive permissions
La source⚠️ https://github.com/sweatxi/BugHub/blob/main/dreamer_Excessive_authority.pdf
Utilisateur
 hexixi (UID 59932)
Soumission22/03/2024 21:16 (il y a 2 ans)
Modérer30/03/2024 07:36 (7 days later)
StatutAccepté
Entrée VulDB258779 [Dreamer CMS jusqu’à 4.1.3 Attachment élévation de privilèges]
Points16

PrécédentAperçuSuivant

Do you want to use VulDB in your project?

Use the official API to access entries easily!