Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The default Access Control Lists (ACLs) of the administration database for ZMerge 4.x and 5.x provides arbitrary users (including anonymous users) with Manager level access, which allows the users to read or modify import/export scripts.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Zmerge管理数据库默认访问控制列表不安全漏洞
Vulnerability Description
Zmerge是一款用于映射Lotus Motes数据库和结构化数据文件数据的Lotus Notes/Domino工具,可以运行在32-bit的MS Windows操作系统下。 Zmerge管理数据库(Administration database)默认配置的访问控制列表不够安全 ,远程攻击者可以利用这个漏洞修改数据导入/输出脚本。 Zmerge管理数据库包含数据导入/输出脚本,脚本由Zmerge程序解释,允许脚本读和写服务器上的任意文件,默认情况下包含多个这样的脚本。 Zmerge管理数据库允许用户使用N
CVSS Information
N/A
Vulnerability Type
N/A