| 제목 | QileCMS ≤v1.1.3 Authorization Bypass |
|---|
| 설명 | QileCMS ≤v1.1.3 has an arbitrary account password reset vulnerability. An attacker can send a verification code to an email address they control and use this code to reset the password of any user account, thereby gaining full control over the target account. This vulnerability poses a significant security risk to user accounts. |
|---|
| 원천 | ⚠️ https://note.zhaoj.in/share/PZZ7IeudhULs |
|---|
| 사용자 | glzjin (UID 59815) |
|---|
| 제출 | 2024. 10. 05. AM 10:29 (2 연령 ago) |
|---|
| 모더레이션 | 2024. 10. 12. PM 12:04 (7 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 280234 [QileCMS 까지 1.1.3 Verification Code Forget.php sendEmail 권한 상승] |
|---|
| 포인트들 | 18 |
|---|