Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Improper Access Control in Talya Informatics' Elektraweb
Vulnerability Description
Missing Authentication, Files or Directories Accessible to External Parties, Use of Hard-coded Credentials vulnerability in Talya Informatics Elektraweb allows Authentication Bypass.This issue affects Elektraweb: before v17.0.68.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
关键功能的认证机制缺失
Vulnerability Title
Elektraweb 安全漏洞
Vulnerability Description
Elektraweb是土耳其Elektraweb公司的一个基于云托管的网络酒店程序。 Elektraweb v17.0.68之前版本存在安全漏洞,该漏洞源于系统存在访问控制不当、缺少授权、授权不正确、关键资源的权限分配不正确、缺少身份验证、身份验证薄弱、对预期端点的通信通道限制不当等安全问题。
CVSS Information
N/A
Vulnerability Type
N/A