Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Low token entropy in MegaBIP
Vulnerability Description
Token used for resetting passwords in MegaBIP software are generated using a small space of random values combined with a queryable value. It allows an unauthenticated attacker who know user login names to brute force these tokens and change account passwords (including these belonging to administrators). Version 5.20 of MegaBIP fixes this issue.
CVSS Information
N/A
Vulnerability Type
随机数的空间太小
Vulnerability Title
MegaBIP 安全漏洞
Vulnerability Description
MegaBIP是MegaBIP公司的一个用于创建BIP网站的软件。 MegaBIP 5.20之前版本存在安全漏洞,该漏洞源于密码重置令牌生成空间过小,可能导致暴力破解攻击。
CVSS Information
N/A
Vulnerability Type
N/A