Submit #271141: NODERP NODERP <=6.0.2 Sensitive information leakageinfo

TitleNODERP NODERP <=6.0.2 Sensitive information leakage
DescriptionThe NODERP System, versions up to and including V6.0.2, has a sensitive information leakage vulnerability. The system stores logs in the /runtime/log directory using date as the filename, which can be directly accessed. These logs contain all parameters from the requests made to the system, potentially including sensitive user data. This information could be exploited by an unauthorized individual to gain access to the system.
Source⚠️ https://note.zhaoj.in/share/M9ERphWTXUPj
User
 glzjin (UID 59815)
Submission01/22/2024 03:54 (2 years ago)
Moderation01/29/2024 08:03 (7 days later)
StatusAccepted
VulDB entry252274 [Shanxi Diankeyun Technology NODERP up to 6.0.2 /runtime/log file access]
Points19

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!