漏洞标题
源代码维护保险管理系统直接请求
漏洞描述信息
在SourceCodester保险管理系统1.0中发现了一个漏洞,已被确认存在问题。该漏洞影响了文件/E-Insurance/的未知功能。通过操纵,可以导致直接请求。攻击可以远程发起。漏洞已经被公开披露,可能被利用。为这个漏洞分配了VDB-272365的标识符。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
漏洞类别
指向未可信站点的URL重定向(开放重定向)
漏洞标题
SourceCodester Insurance Management System direct request
漏洞描述信息
A vulnerability was found in SourceCodester Insurance Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /E-Insurance/. The manipulation leads to direct request. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-272365 was assigned to this vulnerability.
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
漏洞类别
直接请求(强制性浏览)
漏洞标题
Insurance Management System 安全漏洞
漏洞描述信息
Insurance Management System是Angel Jude Reyes Suarez个人开发者的一个保险管理系统。 Insurance Management System 1.0版本存在安全漏洞。攻击者利用该漏洞可以获取敏感信息。
CVSS信息
N/A
漏洞类别
其他