Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An unauthenticated administrative access vulnerability exists in the open-source HashTech project (https://github.com/henzljw/hashtech) 1.0 thru commit 5919decaff2681dc250e934814fc3a35f6093ee5 (2021-07-02). Due to missing authentication checks on /admin_index.php, an attacker can directly access the admin dashboard without valid credentials. This allows full administrative control including viewing/modifying user accounts, managing orders, changing payments, and editing product listings. Successful exploitation can lead to information disclosure, data manipulation, and privilege escalation.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
hashtech 安全漏洞
Vulnerability Description
hashtech是henz个人开发者的一个在线购物平台。 HashTech存在安全漏洞,该漏洞源于/admin_index.php缺少身份验证检查,可能导致未经验证的攻击者直接访问管理员仪表板。
CVSS Information
N/A
Vulnerability Type
N/A