Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Juanpao JPShop API params.php hard-coded key
Vulnerability Description
A vulnerability was found in Juanpao JPShop up to 1.5.02. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file api/config/params.php of the component API. The manipulation of the argument JWT_KEY_ADMIN leads to use of hard-coded cryptographic key . The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The identifier VDB-252997 was assigned to this vulnerability.
CVSS Information
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
使用硬编码的密码学密钥
Vulnerability Title
Juanpao JPShop 安全漏洞
Vulnerability Description
JPShop是一个开源社区团购微商城小程序。 Juanpao JPShop 1.5.02版本及之前版本存在安全漏洞,该漏洞源于使用硬编码密钥。
CVSS Information
N/A
Vulnerability Type
N/A