제출 #558367: 201206030 novel-plus commitID 0e156c04b4b7ce0563bef6c97af4476fcda8f160 broken function level authorization정보

제목201206030 novel-plus commitID 0e156c04b4b7ce0563bef6c97af4476fcda8f160 broken function level authorization
설명CVE-3: SessionController Leaks Online Session Info - Location: - file: novel-system/src/main/java/com/java2nb/system/controller/SessionController.java - Endpoint: - GET /list - Method: public List list() - CWE: CWE-306 - Risk: Allows Unauthorized users to view online user sessions - PoC: curl http://target-ip:port/list
원천⚠️ https://www.cnblogs.com/aibot/p/18827501
사용자
 Anonymous User
제출2025. 04. 15. PM 03:03 (1 년도 ago)
모더레이션2025. 04. 27. PM 07:53 (12 days later)
상태수락
VulDB 항목306368 [20120630 Novel-Plus 까지 0e156c04b4b7ce0563bef6c97af4476fcda8f160 SessionController.java list 약한 인증]
포인트들19

이전개요다음

Interested in the pricing of exploits?

See the underground prices here!