Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Improper Access Control vulnerability in LIVE CONTRACT
Vulnerability Description
An Improper Access Control vulnerability was identified in the file download functionality. This vulnerability allows users to download sensitive documents without authentication, if the URL is known. The attack requires the attacker to know the documents UUIDv4.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
访问控制不恰当
Vulnerability Title
SYNCPILOT LIVE CONTRACT 安全漏洞
Vulnerability Description
SYNCPILOT LIVE CONTRACT是德国SYNCPILOT公司的一个实时合约程序。 SYNCPILOT LIVE CONTRACT存在安全漏洞,该漏洞源于文件下载功能访问控制不当,可能导致未经验证的用户下载敏感文档。
CVSS Information
N/A
Vulnerability Type
N/A