Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Greymatter 1.21c and earlier with the Bookmarklet feature enabled allows remote attackers to read a cleartext password and gain administrative privileges by guessing the name of a gmrightclick-*.reg file which contains the administrator name and password in cleartext, then retrieving the file from the web server before the Greymatter administrator performs a "Clear And Exit" action.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Noah Grey Greymatter IE Bookmarklet Account妥协漏洞
Vulnerability Description
Greymatter 1.21c及其早期版本存在漏洞。当Bookmarklet功能启用时,远程攻击者通过猜测包含明文方式管理员名称和密码的gmrightclick-*.reg文件名称读取明文密码且获取管理特权,然后在Greymatter执行"Clear And Exit"操作之前从web服务器获取文件。
CVSS Information
N/A
Vulnerability Type
N/A