Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
EIC e-document system - Broken Authentication
Vulnerability Description
EIC e-document system does not perform completed identity verification for sorting and filtering personnel data. The vulnerability allows remote attacker to obtain users’ credential information without logging in the system, and further acquire the privileged permissions and execute arbitrary commends.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
N/A
Vulnerability Title
杰印资讯公司 Excellent Infotek Corporation EIC e-document system 授权问题漏洞
Vulnerability Description
Excellent Infotek Corporation EIC e-document system是中国杰印资讯公司(Excellent Infotek Corporation)公司的一个应用系统。提供精确、简单、标准的XML公文表单,简化原本繁复的公文的撰写、传送流程。 EIC e-document system 存在安全漏洞,攻击者可利用该漏洞在不登录系统的情况下获取用户的凭证信息,进而获得特权权限和执行任意推荐。
CVSS Information
N/A
Vulnerability Type
N/A