Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Quassel core (server daemon) in Quassel IRC before 0.9.2 does not properly verify the user ID when accessing user backlogs, which allows remote authenticated users to read other users' backlogs via the bufferid in (1) 16/select_buffer_by_id.sql, (2) 16/select_buffer_by_id.sql, and (3) 16/select_buffer_by_id.sql in core/SQL/PostgreSQL/.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Quassel IRC 安全绕过漏洞
Vulnerability Description
Quassel IRC(又名Quassel)是Quassel IRC团队开发的一款跨平台的分布式IRC聊天客户端,它采用QT应用框架开发,PostgreSQL数据库存储数据。 Quassel IRC 0.9.1及之前的版本中存在安全漏洞,该漏洞源于当访问用户的历史消息记录时,Quassel core (服务器守护进程)没有正确验证用户ID。远程攻击者可借助多个SQL查询(包括:core/SQL/PostgreSQL/目录下的(1)16/select_buffer_by_id.sql(2)16/select
CVSS Information
N/A
Vulnerability Type
N/A