| Название | Junnan Wang and his team Dreamer CMS 4.1.3 Common users have administrator rights |
|---|
| Описание | As an ordinary account, it should not have the permission to delete attachments, forms and variables, and attackers can delete important files of the system through ordinary accounts.Common users have excessive permissions |
|---|
| Источник | ⚠️ https://github.com/sweatxi/BugHub/blob/main/dreamer_Excessive_authority.pdf |
|---|
| Пользователь | hexixi (UID 59932) |
|---|
| Представление | 22.03.2024 21:16 (2 лет назад) |
|---|
| Модерация | 30.03.2024 07:36 (7 days later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 258779 [Dreamer CMS до 4.1.3 Attachment эскалация привилегий] |
|---|
| Баллы | 16 |
|---|