Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The database backup implementation in Employee Timeclock Software 0.99 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for a "semi-predictable file name."
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Timeclock Software Employee Timeclock Software数据备份机制敏感信息泄露漏洞
Vulnerability Description
Employee Timeclock Software是一个员工的时间和出勤系统 Employee Timeclock Software的数据备份机制在web目录下存储敏感信息,并且没有进行充分的访问控制。远程攻击者可以借助对一个“semi-predictable file name”的直接请求,下载数据库文件。
CVSS Information
N/A
Vulnerability Type
N/A