Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Administrator Account Creation Vulnerability in BLUVOYIX
Vulnerability Description
The vulnerability exists in BLUVOYIX due to improper authentication in the BLUVOYIX admin APIs. An unauthenticated remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the vulnerable admin API to create a new user with admin privileges. Successful exploitation of this vulnerability could allow the attacker to gain full access to customers' data and completely compromise the targeted platform by logging in to the newly-created admin user.
CVSS Information
N/A
Vulnerability Type
关键功能的认证机制缺失
Vulnerability Title
Bluspark BLUVOYIX 安全漏洞
Vulnerability Description
Bluspark BLUVOYIX是美国Bluspark公司的一个数字化供应链管理平台。 Bluspark BLUVOYIX存在安全漏洞,该漏洞源于管理API身份验证不当,可能导致攻击者创建具有管理员权限的新用户,从而完全访问客户数据并彻底破坏目标平台。
CVSS Information
N/A
Vulnerability Type
N/A