Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
SAP Information System POST Request add_admin.php improper authentication
Vulnerability Description
A vulnerability was found in SAP Information System 1.0 which has been rated as critical. Affected by this issue is the file /SAP_Information_System/controllers/add_admin.php. An unauthenticated attacker is able to create a new admin account for the web application with a simple POST request. Exploit details were disclosed.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
认证机制不恰当
Vulnerability Title
SAP Information System 访问控制错误漏洞
Vulnerability Description
SAP Information System是德国思爱普(SAP)公司的一个信息管理系统。 SAP Information System 1.0 中存在访问控制错误漏洞,未经身份验证的攻击者能够通过简单的 POST 请求为 Web 应用程序创建新的管理员帐户。
CVSS Information
N/A
Vulnerability Type
N/A