POC details: a4b8bee47f8767dbf0180b78bd60bf5285b07159

Suspected 0-day

Description
A remote attacker can access sensitive data exposed in the URL
Introduction
# Sensitive Data Exposure (CVE-2024-50961)

## Description
In DonWeb Ferozo Hosting v1.1, a remote attacker can exploit URL parameters to access sensitive data, including database credentials. Attack vectors include network sniffing, server logs, and browser history, potentially exposing organizations to major security breaches and data protection violations. Mitigating with HTTPS and secure logging practices is essential.
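
An added example (not part of the original advisory or of the vendor's code) of the secure-logging mitigation named above: it masks credential-like query-string values in access-log lines, both in the request target and in a Referer URL. The parameter-name fragments, paths, hosts and log lines are constructed assumptions, since the advisory does not name the affected parameters.

```python
import re
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit
# Assumed name fragments; the advisory does not list the affected parameters.
SENSITIVE = re.compile(r"pass|pwd|secret|token|cred|api[_-]?key", re.I)
# Any log token that carries a query string: request target or Referer URL.
TOKEN_WITH_QUERY = re.compile(r'[^\s"]+\?[^\s"]*')

# Constructed sample lines (combined log format); paths, hosts and values are made up.
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Oct/2024:13:55:36 +0000] "GET /panel/db?db_user=app'
    '&db_pass=s3cr3t&lang=es HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [10/Oct/2024:13:55:40 +0000] "GET /static/app.css HTTP/1.1" '
    '200 1024 "https://panel.example.com/panel/db?db_pass=s3cr3t" "Mozilla/5.0"',
    '203.0.113.9 - - [10/Oct/2024:13:56:02 +0000] "GET /index.php?page=2 HTTP/1.1" '
    '200 2048 "-" "curl/8.0"',
]

def redact_url(url):
    """Return (url with sensitive query values masked, names of masked parameters)."""
    try:
        parts = urlsplit(url)
    except ValueError:  # malformed authority: mask the whole query instead
        return url.partition("?")[0] + "?REDACTED", ["<unparsed>"]
    masked, pairs = [], []
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        if value and SENSITIVE.search(name):
            masked.append(name)
            value = "REDACTED"
        pairs.append((name, value))
    return urlunsplit(parts._replace(query=urlencode(pairs))), masked

def scrub_line(line):
    """Mask secrets in every URL-like token of one access-log line."""
    found = []
    def _mask(match):
        clean, names = redact_url(match.group(0))
        found.extend(names)
        return clean
    return TOKEN_WITH_QUERY.sub(_mask, line), found

def scrub_log(lines):
    """Return (scrubbed lines, 1-based numbers of lines that carried secrets)."""
    results = [scrub_line(line) for line in lines]
    flagged = [n for n, (_, names) in enumerate(results, 1) if names]
    return [clean for clean, _ in results], flagged

if __name__ == "__main__":
    for line in scrub_log(SAMPLE_LOG)[0]:
        print(line)
```

Masking at the logging layer only limits what is stored; any value that was already logged or sent in a URL should be treated as exposed and rotated.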

### Attack Complexity
- **Low**

### Privileges Required
- **None** (Unauthenticated remote attackers can exploit this vulnerability.)

### User Interaction
- **Not Required**

### Affected Components
- **URL Parameter Handling**: The vulnerability lies in how URL parameters are handled, potentially leaking sensitive data.

### Impact
- **Data Breach**: Exposure of sensitive data such as database credentials.
- **Regulatory Risk**: May lead to legal repercussions for affected organizations.

---

**CVE-2024-50961**  
*Reported by [Facundo Fernandez / Security Researcher]*

File snapshot

[4.0K] /data/pocs/a4b8bee47f8767dbf0180b78bd60bf5285b07159
└── [1008] README.md

0 directories, 1 file