Submit #804228: 1024-lab smart-admin 3.30.0 Exposure of Sensitive System Information to an Unauthorized Continfo

Title1024-lab smart-admin 3.30.0 Exposure of Sensitive System Information to an Unauthorized Cont
DescriptionIn the "smart-admin" demo site,The developers failed to implement strict access control, allowing users to directly access the Druid page.Attackers can gain unauthorized access to all SQL statements and sessions in the system. After obtaining the session, they can log into the system backend and expand the damage.
Source⚠️ https://github.com/1024-lab/smart-admin/issues/117
User
 renyu (UID 97219)
Submission04/14/2026 09:25 (3 months ago)
Moderation04/29/2026 21:17 (15 days later)
StatusAccepted
VulDB entry360204 [1024-lab smart-admin up to 3.30.0 Demo Site index.html access control]
Points18

Do you know our Splunk app?

Download it now for free!