Invia #418417: QileCMS ≤v1.1.3 Authorization Bypassinformazioni

TitoloQileCMS ≤v1.1.3 Authorization Bypass
DescrizioneQileCMS ≤v1.1.3 has an arbitrary account password reset vulnerability. An attacker can send a verification code to an email address they control and use this code to reset the password of any user account, thereby gaining full control over the target account. This vulnerability poses a significant security risk to user accounts.
Fonte⚠️ https://note.zhaoj.in/share/PZZ7IeudhULs
Utente
 glzjin (UID 59815)
Sottomissione05/10/2024 10:29 (2 anni fa)
Moderazione12/10/2024 12:04 (7 days later)
StatoAccettato
Voce VulDB280234 [QileCMS fino a 1.1.3 Verification Code Forget.php sendEmail escalationi di privilegi]
Punti18

PrecedenteVisione D'ensembleIl prossimo

Do you know our Splunk app?

Download it now for free!