Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Triggering an error page of the import process in Yakamara Media Redaxo CMS version 5.12.1 allows an authenticated CMS user has to alternate the files of a vaild file backup. This leads of leaking the database credentials in the environment variables.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Yakamara Media Redaxo CMS 安全漏洞
Vulnerability Description
Yakamara Media Redaxo CMS是Yakamara Media组织的一套开源的Web门户内容管理系统。该系统支持自定义模块、插件扩展、项目备份等。 Yakamara Media Redaxo CMS 5.12.1版本存在安全漏洞,该漏洞源于导入过程的错误页面。攻击者可利用该漏洞经过身份验证的CMS用户替换有效文件备份的文件,导致环境变量中的数据库凭据泄漏
CVSS Information
N/A
Vulnerability Type
N/A