Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Money Manager EX WebApp (web-money-manager-ex) 1.2.2 is vulnerable to Incorrect Access Control. The `redirect_if_not_loggedin` function in `functions_security.php` fails to terminate script execution after redirecting unauthenticated users. This flaw allows an unauthenticated attacker to upload arbitrary files, potentially leading to Remote Code Execution.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Money Manager EX WebApp 安全漏洞
Vulnerability Description
Money Manager EX WebApp是Money Manager EX的一个开源的个人财务管理软件。 Money Manager EX WebApp 1.2.2版本存在安全漏洞,该漏洞源于访问控制错误,函数在重定向未经身份验证的用户后无法终止脚本执行,允许未经身份验证的攻击者上传任意文件,导致远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A