Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
phpRedisAdmin login.inc.php authHttpDigest wrong operator in string comparison
Vulnerability Description
A vulnerability was found in phpRedisAdmin up to 1.16.1. It has been classified as problematic. This affects the function authHttpDigest of the file includes/login.inc.php. The manipulation of the argument response leads to use of wrong operator in string comparison. Upgrading to version 1.16.2 is able to address this issue. The name of the patch is 31aa7661e6db6f4dffbf9a635817832a0a11c7d9. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216267.
CVSS Information
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
在字符串比较中使用了错误的操作符
Vulnerability Title
phpRedisAdmin 安全漏洞
Vulnerability Description
phpRedisAdmin是个人开发者的一个 用于管理 Redis 的 Web 管理页面。 phpRedisAdmin 1.17.3及之前版本存在安全漏洞,该漏洞源于文件includes/login.inc.php的authHttpDigest函数存在问题,对参数response的操作会导致在字符串比较中使用错误的运算符。
CVSS Information
N/A
Vulnerability Type
N/A