Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Account Takeover Vulnerability in CAP back office application
Vulnerability Description
This vulnerability exists in the CAP back office application due to a weak password-reset mechanism implemented at API endpoints. An authenticated remote attacker with a valid login ID could exploit this vulnerability through vulnerable API endpoint which could lead to account takeover of targeted users.
CVSS Information
N/A
Vulnerability Type
忘记口令恢复机制弱
Vulnerability Title
Rising Technosoft CAP back office application 授权问题漏洞
Vulnerability Description
Rising Technosoft CAP back office application是印度Rising Technosoft公司的一个后台应用程序。 Rising Technosoft CAP back office application存在授权问题漏洞,该漏洞源于API端点中实现的弱密码重置机制,允许经过身份验证的远程攻击者通过易受攻击的API端点接管目标用户账户。
CVSS Information
N/A
Vulnerability Type
N/A