Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
QiHang Media Web Digital Signage 3.0.9 Cleartext Credentials Disclosure
Vulnerability Description
QiHang Media Web Digital Signage 3.0.9 contains a cleartext credentials vulnerability that allows unauthenticated attackers to access administrative login information through an unprotected XML file. Attackers can retrieve hardcoded admin credentials by requesting the '/xml/User/User.xml' file, enabling direct authentication bypass.
CVSS Information
N/A
Vulnerability Type
不充分的凭证保护机制
Vulnerability Title
QiHang Media Web Digital Signage 安全漏洞
Vulnerability Description
QiHang Media Web Digital Signage是中国QiHang公司的一个数字标牌管理软件。 QiHang Media Web Digital Signage 3.0.9版本存在安全漏洞,该漏洞源于未保护的XML文件存在明文凭据,可能导致认证绕过。
CVSS Information
N/A
Vulnerability Type
N/A