Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
spa-cartcms Username login observable behavioral discrepancy
Vulnerability Description
A vulnerability, which was classified as problematic, was found in spa-cartcms 1.9.0.6. Affected is an unknown function of the file /login of the component Username Handler. The manipulation of the argument email leads to observable behavioral discrepancy. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-268896.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
通过行为差异性导致的信息暴露
Vulnerability Title
SPA-Cart 安全漏洞
Vulnerability Description
SPA-Cart是SPA-Cart公司的一个购物车软件。 SPA-Cart 1.9.0.6版本存在安全漏洞,该漏洞源于对参数 email 的错误操作会导致可观察到的行为差异。
CVSS Information
N/A
Vulnerability Type
N/A