Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A non-default configuration in Sage DPW 2025_06_004 allows unauthenticated access to diagnostic endpoints within the Database Monitor feature, exposing sensitive information such as hashes and table names. This feature is disabled by default in all installations and never available in Sage DPW Cloud. It was forcibly disabled again in version 2025_06_003.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
N/A
Vulnerability Title
Sage DPW 安全漏洞
Vulnerability Description
Sage DPW是英国Sage公司的一个人力资源系统。 Sage DPW 2025_06_004版本存在安全漏洞,该漏洞源于非默认配置允许未经验证访问诊断端点,可能导致暴露哈希和表名等敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A