Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
QiHang Media Web Digital Signage 3.0.9 Unauthenticated Arbitrary File Disclosure
Vulnerability Description
QiHang Media Web Digital Signage 3.0.9 contains an unauthenticated file disclosure vulnerability that allows remote attackers to access sensitive files through unverified 'filename' and 'path' parameters. Attackers can exploit the QH.aspx endpoint to read arbitrary files and directory contents without authentication by manipulating download and getAll actions.
CVSS Information
N/A
Vulnerability Type
将备份文件暴露给非授权控制范围
Vulnerability Title
QiHang Media Web Digital Signage 安全漏洞
Vulnerability Description
QiHang Media Web Digital Signage是中国QiHang公司的一个数字标牌管理软件。 QiHang Media Web Digital Signage 3.0.9版本存在安全漏洞,该漏洞源于filename和path参数存在文件泄露,可能导致信息泄露。
CVSS Information
N/A
Vulnerability Type
N/A