जमा करें #270901: KuERP KuERP <=1.0.4 Significant information leakजानकारी

शीर्षकKuERP KuERP <=1.0.4 Significant information leak
विवरणThe KuERP System, version 1.4.20 and below, has a significant information leak vulnerability. The system saves logs with sensitive data, such as request parameters, into the /runtime/log folder using the date as the file name, which can be directly accessed. This exposed information can potentially be exploited by malicious actors to gain unauthorized access to the system.
स्रोत⚠️ https://note.zhaoj.in/share/mhLwGOcLxYfP
उपयोगकर्ता
 glzjin (UID 59815)
सबमिशन21/01/2024 10:01 AM (2 साल पहले)
संयम28/01/2024 04:27 PM (7 days later)
स्थितिस्वीकृत
VulDB प्रविष्टि252252 [Sichuan Yougou Technology KuERP तक 1.0.4 /runtime/log अधिकार वृद्धि]
अंक18

Want to stay up to date on a daily basis?

Enable the mail alert feature now!