Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Charactell - FormStorm Enterprise Account Take Over
Vulnerability Description
Charactell - FormStorm Enterprise Account takeover – An attacker can modify (add, remove and update) passwords file for all the users. The xx_users.ini file in the FormStorm folder contains usernames in cleartext and an obfuscated password. Malicious user can take over an account by replacing existing password in the file.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L
Vulnerability Type
N/A
Vulnerability Title
Charactell FormStorm 安全漏洞
Vulnerability Description
Charactell FormStorm是美国Charactell公司的一款最先进的表单处理软件。 Charactell FormStorm Enterprise存在安全漏洞,攻击者可利用该漏洞可以修改(添加、删除和更新)所有用户的密码文件,接管帐户。
CVSS Information
N/A
Vulnerability Type
N/A