Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An Insecure Direct Object Reference (IDOR) vulnerability in eyecomms eyeCMS through 2019-10-15 allows any candidate to change other candidates' personal information (first name, last name, email, CV, phone number, and all other personal information) by changing the value of the candidate id (the id parameter).
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
eyecomms eyeCMS 输入验证错误漏洞
Vulnerability Description
eyecomms eyeCMS是阿曼eyecomms公司的一套内容管理系统(CMS)。 eyecomms eyeCMS 2019-10-15及之前版本中存在安全漏洞。攻击者可通过修改‘id’参数利用该漏洞修改其他申请者的个人信息(姓名,邮件,电话,简历及其他个人信息)。
CVSS Information
N/A
Vulnerability Type
N/A