Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
admin/delitem.php in RoomPHPlanning 1.6 does not require authentication, which allows remote attackers to (1) delete arbitrary users via the user parameter or (2) delete arbitrary rooms via the room parameter.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Beaussier RoomPHPlanning 'admin/delitem.php' 授权问题漏洞
Vulnerability Description
RoomPHPlanning的脚本admin/delitem.php没有合适的认证请求限制,远程攻击者可以借助(1) user参数删除任意的用户 或者(2) room参数删除任意的房间。
CVSS Information
N/A
Vulnerability Type
N/A