漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Account Takeover Vulnerability in CAP back office application
Vulnerability Description
This vulnerability exists in the CAP back office application due to a weak password-reset mechanism implemented at API endpoints. An authenticated remote attacker with a valid login ID could exploit this vulnerability through vulnerable API endpoint which could lead to account takeover of targeted users.
CVSS Information
N/A
Vulnerability Type
忘记口令恢复机制弱
Vulnerability Title
Rising Technosoft CAP back office application 授权问题漏洞
Vulnerability Description
Rising Technosoft CAP back office application是印度Rising Technosoft公司的一个后台应用程序。 Rising Technosoft CAP back office application存在授权问题漏洞,该漏洞源于API端点中实现的弱密码重置机制,允许经过身份验证的远程攻击者通过易受攻击的API端点接管目标用户账户。
CVSS Information
N/A
Vulnerability Type
N/A