Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
pbrong hrms resource.go HrmsDB improper authorization
Vulnerability Description
A vulnerability, which was classified as critical, was found in pbrong hrms up to 1.0.1. This affects the function HrmsDB of the file \resource\resource.go. The manipulation of the argument user_cookie leads to improper authorization. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
授权机制不恰当
Vulnerability Title
hrms 安全漏洞
Vulnerability Description
hrms是BoringError个人开发者的一个人力资源管理系统。 hrms 1.0.1及之前版本存在安全漏洞,该漏洞源于授权不当,可能导致远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A