Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
ecjia-daojia 1.38.1-20210202629 is vulnerable to information leakage via content/apps/installer/classes/Helper.php. When the web program is installed, a new environment file is created, and the database information is recorded, including the database record password. NOTE: the vendor disputes this because the environment file is in the data directory, which is not intended for access by website visitors (only the statics directory can be accessed by website visitors)
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ecjia-daojia 安全漏洞
Vulnerability Description
ecjia-daojia是一款可开展O2O业务的移动电商 系统。 ecjia-daojia存在安全漏洞,该漏洞源于安装web程序时,会创建一个新的环境文件,并记录数据库信息,包括数据库记录密码。
CVSS Information
N/A
Vulnerability Type
N/A