Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Kwik-Pay Payroll 4.2.20, and possibly other versions, stores the KwikPay.mdb database file with insecure permissions, which allows local users to obtain sensitive information such as employment and payment data. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: the vendor has disputed this vulnerability, stating that "The kwikpay.mdb file supplied with kwikpay is a template for the database structure of user databases created by kwikpay and to store a demonstration payroll. It does not contain any sensitive user information. When a user payroll database is opened, the encryption of the database is checked and if the database is not encrypted, the user is prompted to encrypt the database, but the choice is the customers.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Kwik 'KwikPay.mdb'数据库加密漏洞
Vulnerability Description
** 有争议 ** Kwik-支付工资表 4.2.20(可能还有其它版本),存储带非安全许可的KwikPay.mdb数据库文件,从而允许本地用户获得诸如雇佣和工资数据等敏感资料。注:此信息来源未知;详情由第三方来源独自提供。注: 供应商对该漏洞有异议,指出"与kwikpay一起提供的kwikpay.mdb 文件是一个用于由kwikpay创建的用户数据库结构的模板并存储一个演示工资表。它并不包含任何敏感用户消息。当打开一个用户工资数据库时,要检查数据库加密,如果数据库没有加密,就会向用户提示加密数据库,是否
CVSS Information
N/A
Vulnerability Type
N/A