Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
saltbo zpan JSON Web Token token.go NewToken hard-coded password
Vulnerability Description
A vulnerability was found in saltbo zpan up to 1.6.5/1.7.0-beta2. It has been rated as problematic. This issue affects the function NewToken of the file zpan/internal/app/service/token.go of the component JSON Web Token Handler. The manipulation with the input 123 leads to use of hard-coded password. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
使用硬编码的口令
Vulnerability Title
ZPan 安全漏洞
Vulnerability Description
ZPan是Jasper Van个人开发者的一个基于云存储的网盘系统。 ZPan 1.6.5和1.7.0-beta2及之前版本存在安全漏洞,该漏洞源于使用硬编码密码。
CVSS Information
N/A
Vulnerability Type
N/A