Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
mingyuefusu 明月复苏 tushuguanlixitong 图书管理系统 Backend admin doFilter access control
Vulnerability Description
A vulnerability has been found in mingyuefusu 明月复苏 tushuguanlixitong 图书管理系统 up to d4836f6b49cd0ac79a4021b15ce99ff7229d4694 and classified as critical. Affected by this vulnerability is the function doFilter of the file /admin/ of the component Backend. The manipulation of the argument Request leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
Vulnerability Type
访问控制不恰当
Vulnerability Title
tushuguanlixitong 安全漏洞
Vulnerability Description
tushuguanlixitong(图书管理系统)是中国明月复苏(mingyuefusu)个人开发者的一个图书管理系统。 tushuguanlixitong存在安全漏洞,该漏洞源于对参数Request的错误操作会导致访问控制不当。
CVSS Information
N/A
Vulnerability Type
N/A