| タイトル | https://doc.cms.talelin.com/ Lin-CMS 0.6.0 weak password |
|---|
| 説明 | Lin CMS is a CMS solution that separates the front and back ends. Lin not only provides background support, but also has a corresponding front-end system. Lin currently has implementation in Python, Node.js and Java versions.
The tests folder is a file used by developers for testing, and the config.py file exists in the tests folder.This file contains the administrator's default account and password.Due to the failure to delete and clean up in time, a security risk was left behind.
Attackers can directly log in with the default administrator account and password that have not been cleared, gain control of the account, and thus face high risks such as complete system takeover and leakage of sensitive information.
|
|---|
| ソース | ⚠️ https://github.com/m3ngx1ng/cve/blob/4690d4020a4a642af4c50912f762937292228641/lin-cms.md |
|---|
| ユーザー | m3x1 (UID 92411) |
|---|
| 送信 | 2025年12月23日 10:22 (4 月 ago) |
|---|
| モデレーション | 2025年12月27日 14:55 (4 days later) |
|---|
| ステータス | 承諾済み |
|---|
| VulDBエントリ | 338528 [TaleLin Lin-CMS 迄 0.6.0 Tests Folder /tests/config.py username/password 情報漏えい] |
|---|
| ポイント | 20 |
|---|