Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Vertikal Systems Hospital Manager Backend Services Exposure of Sensitive System Information to an Unauthorized Control Sphere
Vulnerability Description
Prior to September 19, 2025, the Hospital Manager Backend Services exposed the ASP.NET tracing endpoint /trace.axd without authentication, allowing a remote attacker to obtain live request traces and sensitive information such as request metadata, session identifiers, authorization headers, server variables, and internal file paths.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
将系统数据暴露到未授权控制的范围
Vulnerability Title
Vertikal Systems Hospital Manager Backend Services 安全漏洞
Vulnerability Description
Vertikal Systems Hospital Manager Backend Services是罗马尼亚Vertikal Systems公司的一款医院信息管理系统。 Vertikal Systems Hospital Manager Backend Services 2025年9月19日之前版本存在安全漏洞,该漏洞源于未经验证的ASP.NET跟踪端点trace.axd暴露,可能导致远程攻击者获取实时请求跟踪和敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A