Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Multiple vulnerabilities in Viafirma products
Vulnerability Description
IDOR vulnerability has been found in Viafirma Inbox v4.5.13 that allows any authenticated user without privileges in the application to list all users, access and modify their data. This allows the user's email addresses to be modified and, subsequently, using the password recovery functionality to access the application by impersonating any user, including those with administrative permissions.
CVSS Information
N/A
Vulnerability Type
通过用户控制密钥绕过授权机制
Vulnerability Title
Viafirma Inbox 安全漏洞
Vulnerability Description
Viafirma Inbox是西班牙Viafirma公司的一款电子签名收件箱。 Viafirma Inbox 4.5.13版本存在安全漏洞,该漏洞源于存在不安全的直接对象引用,可能导致任何经过身份验证但无特权的用户列出所有用户、访问和修改其数据,进而通过密码恢复功能冒充任何用户访问应用程序。
CVSS Information
N/A
Vulnerability Type
N/A