제출 #270901: KuERP KuERP <=1.0.4 Significant information leak정보

제목KuERP KuERP <=1.0.4 Significant information leak
설명The KuERP System, version 1.4.20 and below, has a significant information leak vulnerability. The system saves logs with sensitive data, such as request parameters, into the /runtime/log folder using the date as the file name, which can be directly accessed. This exposed information can potentially be exploited by malicious actors to gain unauthorized access to the system.
원천⚠️ https://note.zhaoj.in/share/mhLwGOcLxYfP
사용자
 glzjin (UID 59815)
제출2024. 01. 21. AM 10:01 (2 연령 ago)
모더레이션2024. 01. 28. PM 04:27 (7 days later)
상태수락
VulDB 항목252252 [Sichuan Yougou Technology KuERP 까지 1.0.4 /runtime/log 권한 상승]
포인트들18

Do you know our Splunk app?

Download it now for free!