Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
HotPlug CMS stores sensitive information under the web root with insufficient access control, which allows remote attackers to read the admin password and database credentials via a direct request for includes/class/config.inc.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
HotPlug CMS 访问控制漏洞
Vulnerability Description
HotPlug CMS将敏感信息存储在Web根目录下,但没有充分的访问控制,远程攻击者可以通过直接请求includes/class/config.inc来读取管理密码和数据库凭证。
CVSS Information
N/A
Vulnerability Type
N/A