Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Uniong|WebITR - Authorization Bypass
Vulnerability Description
WebITR developed by Uniong has an Authentication Bypass vulnerability, allowing authenticated remote attackers to log into the system as any user by modifying a specific parameter. Attackers must first obtain a user ID to exploit this vulnerability.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
通过用户控制密钥绕过授权机制
Vulnerability Title
Uniong WebITR 安全漏洞
Vulnerability Description
Uniong WebITR是中国凯发(Uniong)公司的一款在线考勤系统。 Uniong WebITR存在安全漏洞,该漏洞源于身份验证绕过,允许远程攻击者通过修改特定参数以任意用户身份登录。
CVSS Information
N/A
Vulnerability Type
N/A