| tiêu đề | MineAdmin MineAdmin Enterprise Backend Management System MineAdmin v1.x MineAdmin v2.x Logical flaw and vulnerability |
|---|
| Mô tả | There is a logic flaw vulnerability (Vertical Privilege Escalation) at /system/cache/view. Although the view interface requires login, it lacks specific permission identifiers. Attackers can bypass the system through vertical privilege escalation and directly access the Redis cache. Through the cache information, high-risk sensitive information such as administrator tokens, all user tokens, and crontabs can be viewed. |
|---|
| Nguồn | ⚠️ https://github.com/SourByte05/MineAdmin-Vulnerability/issues/6 |
|---|
| Người dùng | sourbyte (UID 94279) |
|---|
| Đệ trình | 08/01/2026 09:54 (cách đây 5 các tháng) |
|---|
| Kiểm duyệt | 19/01/2026 15:00 (11 days later) |
|---|
| Trạng thái | được chấp nhận |
|---|
| Mục VulDB | 341778 [MineAdmin 1.x/2.x View Interface /system/cache/view nâng cao đặc quyền] |
|---|
| điểm | 19 |
|---|