Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
WisdomGarden Tronclass ilearn - Broken Access Control
Vulnerability Description
WisdomGarden Tronclass has improper access control when uploading file. An authenticated remote attacker with general user privilege can exploit this vulnerability to access files belonging to other users by modifying the file ID within URL.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
通过用户控制密钥绕过授权机制
Vulnerability Title
WisdomGarden Tronclass 代码问题漏洞
Vulnerability Description
WisdomGarden Tronclass ilearn是中国智园(WisdomGarden)公司的一个教学平台。 WisdomGarden Tronclass 存在安全漏洞,该漏洞源于在上传文件时访问控制不当。受影响的产品和版本:Tronclass ilearn app 2.3.2版本和Tronclass ilearn web 1.52.29198之前版本。
CVSS Information
N/A
Vulnerability Type
N/A