漏洞标题
"织布者电子生态源代码生态_dev.zip信息披露"
漏洞描述信息
发现了一个漏洞存在于Weaver e-cology 8中,已分类为问题。受影响的是组件Source Code Handler文件/cloudstore/ecode/setup/ecology_dev.zip中的一个未知函数。此操作会导致信息泄露,可远程执行攻击。攻击手法已公开并可能被利用。请注意:厂商在披露此漏洞时就已经被通知,但未做出任何回应。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
漏洞类别
信息暴露
漏洞标题
Weaver e-cology Source Code ecology_dev.zip information disclosure
漏洞描述信息
A vulnerability was found in Weaver e-cology 8. It has been classified as problematic. Affected is an unknown function of the file /cloudstore/ecode/setup/ecology_dev.zip of the component Source Code Handler. The manipulation leads to information disclosure. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
漏洞类别
信息暴露
漏洞标题
Weaver e-cology 信息泄露漏洞
漏洞描述信息
Weaver e-cology是中国泛微(Weaver)公司的一套协同管理应用平台。 Weaver e-cology 8版本存在信息泄露漏洞。攻击者利用该漏洞可以获取敏感信息。
CVSS信息
N/A
漏洞类别
信息泄露