漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Silverware Games vulnerable to account enumeration via inconsistent responses
Vulnerability Description
Silverware Games is a premium social network where people can play games online. Prior to version 1.3.6, the Password Recovery form would throw an error if the specified email was not found in our database. It would only display the "Enter the code" form if the email is associated with a member of the site. Since version 1.3.6, the "Enter the code" form is always returned, showing the message "If the entered email is associated with an account, a code will be sent now". This change prevents potential violators from determining if our site has a user with the specified email.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
响应差异性信息暴露
Vulnerability Title
Silverware Games 安全漏洞
Vulnerability Description
Silverware Games是Silverware Games公司的一款游戏。 Silverware Games 1.3.6 版本之前存在安全漏洞,该漏洞源于通过密码重置功能可以猜测用户电子邮箱地址。
CVSS Information
N/A
Vulnerability Type
N/A