Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
MailCleaner before c888fbb6aaa7c5f8400f637bcf1cbb844de46cd9 is affected by: Unauthenticated MySQL database password information disclosure. The impact is: MySQL database content disclosure (e.g. username, password). The component is: The API call in the function allowAction() in NewslettersController.php. The attack vector is: HTTP Get request. The fixed version is: c888fbb6aaa7c5f8400f637bcf1cbb844de46cd9.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Rapid7 MailCleaner 信息泄露漏洞
Vulnerability Description
Rapid7 MailCleaner是美国Rapid7公司的一套渗透测试框架。该框架支持漏洞验证和安全评估等。 Rapid7 MailCleaner c888fbb6aaa7c5f8400f637bcf1cbb844de46cd9之前版本中的NewslettersController.php文件的‘allowAction()’的API调用存在安全漏洞。攻击者可利用该漏洞泄露MySQL数据库内容。
CVSS Information
N/A
Vulnerability Type
N/A