提交 #271141: NODERP NODERP <=6.0.2 Sensitive information leakage信息

标题NODERP NODERP <=6.0.2 Sensitive information leakage
描述The NODERP System, versions up to and including V6.0.2, has a sensitive information leakage vulnerability. The system stores logs in the /runtime/log directory using date as the filename, which can be directly accessed. These logs contain all parameters from the requests made to the system, potentially including sensitive user data. This information could be exploited by an unauthorized individual to gain access to the system.
来源⚠️ https://note.zhaoj.in/share/M9ERphWTXUPj
用户
 glzjin (UID 59815)
提交2024-01-22 03時54分 (2 年前)
管理2024-01-29 08時03分 (7 days later)
状态已接受
VulDB条目252274 [Shanxi Diankeyun Technology NODERP 直到 6.0.2 /runtime/log 权限提升]
积分19

Want to stay up to date on a daily basis?

Enable the mail alert feature now!