漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
EVMAPA Insufficient Session Expiration
Vulnerability Description
This vulnerability occurs when the system permits multiple simultaneous connections to the backend using the same charging station ID. This can result in unauthorized access, data inconsistency, or potential manipulation of charging sessions. The lack of proper session management and expiration control allows attackers to exploit this weakness by reusing valid charging station IDs to establish multiple sessions concurrently.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
不充分的会话过期机制
Vulnerability Title
EVMAPA 代码问题漏洞
Vulnerability Description
EVMAPA是Daniel Jurik个人开发者的一个电汽车充电站导航应用。 EVMAPA存在代码问题漏洞,该漏洞源于系统允许使用相同充电站ID建立多个并发连接,且缺少适当的会话管理和过期控制,可能导致未经授权的访问、数据不一致或会话操纵。
CVSS Information
N/A
Vulnerability Type
N/A