Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Michlol - rashim web interface Insecure direct object references (IDOR)
Vulnerability Description
Michlol - rashim web interface Insecure direct object references (IDOR). First of all, the attacker needs to login. After he performs log into the system there are some functionalities that the specific user is not allowed to perform. However all the attacker needs to do in order to achieve his goals is to change the value of the ptMsl parameter and then the attacker can access sensitive data that he not supposed to access because its belong to another user.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
N/A
Vulnerability Title
Michlol Solutions rashim web interface 操作系统命令注入漏洞
Vulnerability Description
Michlol Solutions rashim web interface是Michlol Solutions公司的一个Web界面。 Michlol Solutions rashim web interface 187.4392之前版本存在安全漏洞,该漏洞源于Web 界面不安全的直接对象引用 (IDOR),攻击者利用该漏洞可以访问敏感数据。
CVSS Information
N/A
Vulnerability Type
N/A