| 제목 | 1024-lab smart-admin 3.30.0 Exposure of Sensitive System Information to an Unauthorized Cont |
|---|
| 설명 | In the "smart-admin" demo site,The developers failed to implement strict access control, allowing users to directly access the Druid page.Attackers can gain unauthorized access to all SQL statements and sessions in the system. After obtaining the session, they can log into the system backend and expand the damage.
|
|---|
| 원천 | ⚠️ https://github.com/1024-lab/smart-admin/issues/117 |
|---|
| 사용자 | renyu (UID 97219) |
|---|
| 제출 | 2026. 04. 14. AM 09:25 (2 개월 ago) |
|---|
| 모더레이션 | 2026. 04. 29. PM 09:17 (15 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 360204 [1024-lab smart-admin 까지 3.30.0 Demo Site index.html 권한 상승] |
|---|
| 포인트들 | 18 |
|---|