Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
megagao production_ssm v1.0 contains an authorization bypass vulnerability in the user addition functionality. The insert() method in UserController.java lacks authentication checks, allowing unauthenticated attackers to create super administrator accounts by directly accessing the /user/insert endpoint. This leads to complete system compromise.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
production_ssm 安全漏洞
Vulnerability Description
production_ssm是MegaGao个人开发者的一个SSM(Spring+SpringMVC+Mybatis)+jQuery EasyUI开发的ERP系统。 production_ssm v1.0版本存在安全漏洞,该漏洞源于用户添加功能存在授权绕过,可能导致未经身份验证的攻击者创建超级管理员账户。
CVSS Information
N/A
Vulnerability Type
N/A