Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Privilege Escalation in SIMPLE.ERP
Vulnerability Description
The SIMPLE.ERP client stores superuser password in a recoverable format, allowing any authenticated SIMPLE.ERP user to escalate privileges to a database administrator. This issue affect SIMPLE.ERP from 6.20 through 6.30. Only the 6.30 version received a patch 6.30@a03.9, which removed the vulnerability. Versions 6.20 and 6.25 remain unpatched.
CVSS Information
N/A
Vulnerability Type
以可恢复格式存储口令
Vulnerability Title
SIMPLE.ERP 安全漏洞
Vulnerability Description
SIMPLE.ERP是SIMPLE公司的一个电子商务平台。 SIMPLE.ERP 6.20版本至6.30版本存在安全漏洞,该漏洞源于超级用户密码以可恢复格式存储,允许任何经过身份验证的用户提升权限至数据库管理员。
CVSS Information
N/A
Vulnerability Type
N/A