Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The ZipCart module 6.x before 6.x-1.4 for Drupal checks the "access content" permission instead of the "access ZipCart downloads" permission when building archives, which allows remote authenticated users with access content permission to bypass intended access restrictions.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Drupal ZipCart模块权限许可和访问控制漏洞
Vulnerability Description
Drupal是Drupal社区所维护的一套用PHP语言开发的免费、开源的内容管理系统。 Drupal中的ZipCart模块6.x-1.4之前的6.x版本中存在漏洞,该漏洞源于建立归档文件时校验‘access content’权限代替‘access ZipCart downloads’权限。远程认证用户可利用该漏洞以访问内容权限绕过目地访问限制。
CVSS Information
N/A
Vulnerability Type
N/A