漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
FroshAdminer Adminer UI is accessible without admin session
Vulnerability Description
FroshAdminer is the Adminer plugin for Shopware Platform. Prior to 2.2.1, the Adminer route (/admin/adminer) was accessible without Shopware admin authentication. The route was configured with auth_required=false and performed no session validation, exposing the Adminer UI to unauthenticated users. This vulnerability is fixed in 2.2.1.
CVSS Information
N/A
Vulnerability Type
关键功能的认证机制缺失
Vulnerability Title
Adminer 访问控制错误漏洞
Vulnerability Description
Adminer是Adminer开源的一个 WordPress 插件。允许 WordPress 管理员快速进行数据库管理。 Adminer 2.2.1之前版本存在访问控制错误漏洞,该漏洞源于Adminer路由无需Shopware管理员身份验证即可访问,可能导致未授权访问。
CVSS Information
N/A
Vulnerability Type
N/A