Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Trapeze TransitMaster is vulnerable to information disclosure (emails / hashed passwords) via a modified userID field in JSON data to ManageSubscriber.aspx/GetSubscriber. NOTE: this software is independently deployed at multiple municipal transit systems; it is not found exclusively on the "webwatch.(REDACTED).com" server mentioned in the reference.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Trapeze TransitMaster 安全漏洞
Vulnerability Description
Trapeze TransitMaster是加拿大Trapeze公司的一套交通运输管理软件。 Trapeze TransitMaster中存在安全漏洞。攻击者可通过向ManageSubscriber.aspx/GetSubscriber发送带有已更改userID字段的JSON数据利用该漏洞获取敏感信息(emails/散列密码)。
CVSS Information
N/A
Vulnerability Type
N/A