漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Carinal Tien Hospital Health Report System - Authorization Bypass Through User-Controlled Key
Vulnerability Description
Carinal Tien Hospital Health Report System’s login page has improper authentication, a remote attacker can acquire another general user’s privilege by modifying the cookie parameter without authentication. The attacker can then perform limited operations on the system or modify data, making the service partially unavailable to the user.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
通过用户控制密钥绕过授权机制
Vulnerability Title
Carinal Tien Hospital Health Report System 安全漏洞
Vulnerability Description
Carinal Tien Hospital Health Report System(耕莘医院健检报告查询系统)是中国台湾耕莘医院的一个医院健检报告查询系统。 Carinal Tien Hospital Health Report System存在安全漏洞,该漏洞源于系统登录页面具有不正确的身份验证。攻击者可利用该漏洞通过修改cookie参数获得其他普通用户的权限,而无需进行身份验证。
CVSS Information
N/A
Vulnerability Type
N/A