漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Exposure of Private Personal Information to an Unauthorized Actor in notrinos/notrinoserp
Vulnerability Description
Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository notrinos/notrinoserp prior to v0.7. This results in privilege escalation to a system administrator account. An attacker can gain access to protected functionality such as create/update companies, install/update languages, install/activate extensions, install/activate themes and other permissive actions.
CVSS Information
N/A
Vulnerability Type
侵犯隐私
Vulnerability Title
notrinoserp 安全漏洞
Vulnerability Description
notrinoserp是Phương个人开发者的一个基于 Web 的 ERP,用 PHP 和 MySql 编写的会计系统。 notrinosrp v0.7之前版本存在安全漏洞,该漏洞源于将私人个人信息暴露给未经授权的参与者,这会导致权限提升到系统管理员帐户。
CVSS Information
N/A
Vulnerability Type
N/A