Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
MobiSoft - MobiPlus User Take Over and Improper Handling of url Parameters
Vulnerability Description
MobiSoft - MobiPlus User Take Over and Improper Handling of url Parameters Attacker can navigate to specific url which will expose all the users and password in clear text. http://IP/MobiPlusWeb/Handlers/MainHandler.ashx?MethodName=GridData&GridName=Users
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L
Vulnerability Type
参数问题
Vulnerability Title
MobiSoft MobiPlus 安全漏洞
Vulnerability Description
MobiSoft MobiPlus是以色列MobiSoft公司的一个销售和分销领域活动的领先综合解决方案。 MobiSoft MobiPlus 存在安全漏洞,该漏洞源于MobiSoft 用户接管和不当处理的url参数。攻击者可利用该漏洞导航到特定的url,这将暴露所有用户和密码明文。
CVSS Information
N/A
Vulnerability Type
N/A