提交 #566984: JAdmin-JAVA jadmin 1.0 Incorrect Authorization
| 标题 | JAdmin-JAVA jadmin 1.0 Incorrect Authorization |
|---|---|
| 描述 | Remote users can access the background without authorization. They can create a super system administrator, delete background users, view logs and perform other sensitive operations. |
| 来源 | ⚠️ https:/ |
| 用户 | bi8bu (UID 84151) |
| 提交 | 2025-04-29 03時23分 (12 月前) |
| 管理 | 2025-05-09 14時12分 (10 days later) |
| 状态 | 已接受 |
| VulDB条目 | 308208 [JAdmin-JAVA JAdmin 1.0 Admin Backend NoNeedLoginController.java toLogin 弱身份验证] |
| 积分 | 15 |