Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
GUnet OpenEclass 1.7.3 E-learning platform - phpMyAdmin Remote Access
Vulnerability Description
GUnet OpenEclass 1.7.3 includes phpMyAdmin 2.10.0.2 by default, which allows remote logins. Attackers with access to the platform can remotely access phpMyAdmin and, after uploading a shell, view the config.php file to obtain the MySQL password, leading to full database compromise.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
访问控制不恰当
Vulnerability Title
GUnet OpenEclass 访问控制错误漏洞
Vulnerability Description
GUnet OpenEclass是希腊GUnet公司的一个学习管理系统。 GUnet OpenEclass 1.7.3版本存在访问控制错误漏洞,该漏洞源于默认包含phpMyAdmin 2.10.0.2,可能导致攻击者获取MySQL密码并完全控制数据库。
CVSS Information
N/A
Vulnerability Type
N/A