Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
EZPhotoSales 1.9.3 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download (1) a file containing cleartext passwords via a direct request for OnlineViewing/data/galleries.txt, or (2) a file containing username hashes and password hashes via a direct request for OnlineViewing/configuration/config.dat/. NOTE: vector 2 can be leveraged for administrative access because authentication does not require knowledge of cleartext values, but instead uses the username hash in the ConfigLogin parameter and the password hash in the ConfigPassword parameter.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
EZPhotoSales 多个输入验证漏洞
Vulnerability Description
EZPhotoSales 1.9.3版本及其早期版本在网根储存敏感信息但没有赋予足够的访问控制,这会允许远程攻击者(1)可以借助对OnlineViewing/data/galleries.txt提交一个直接请求下子包含空文本密码的一个文件或(2)可以借助对OnlineViewing/configuration/config.dat/提交一个直接请求,下载包含用户名信息的一个文件。 注意:向量2 可能会导致管理员特权的扩大。
CVSS Information
N/A
Vulnerability Type
N/A