Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Datalex airline booking software before 2015-09-03 allows remote attackers to read or write to arbitrary user data via a modified profileId parameter to (1) ValidateFormAction.do or (2) ProfileConfirmEditAddressAction.do.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Datalex airline booking software 安全漏洞
Vulnerability Description
Datalex airline booking software是爱尔兰Datalex公司的一套自动连接到航空订票的软件。 Datalex airline booking software 2015-09-03日期之前更新的软件中存在安全漏洞。远程攻击者可借助ValidateFormAction.do或ProfileConfirmEditAddressAction.do页面中修改的‘profileId’参数利用该漏洞读取或访问任意用户数据。
CVSS Information
N/A
Vulnerability Type
N/A