Lucene search
+L

5 matches found

NVD
NVD
added 2021/11/16 2:15 a.m.14 views

CVE-2021-42337

The permission control of AIFU cashier management salary query function can be bypassed, thus after obtaining general user’s permission, the remote attacker can access account information except passwords by crafting URL parameters...

4.3CVSS0.00868EPSS
Exploits0References1
Prion
Prion
added 2021/11/16 2:15 a.m.14 views

Design/Logic Flaw

The permission control of AIFU cashier management salary query function can be bypassed, thus after obtaining general user’s permission, the remote attacker can access account information except passwords by crafting URL parameters...

4CVSS4.8AI score0.00868EPSS
Exploits0References1
CVE
CVE
added 2021/11/16 1:40 a.m.54 views

CVE-2021-42337

CVE-2021-42337 concerns the AIFU cashier management salary query function. A bypass of permission control allows a remote attacker who has obtained general user permission to access account information (excluding passwords) by crafting URL parameters. The issue is described across multiple source...

4.3CVSS4.7AI score0.00868EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/11/16 1:40 a.m.19 views

CVE-2021-42337 TVN-202110009

The permission control of AIFU cashier management salary query function can be bypassed, thus after obtaining general user’s permission, the remote attacker can access account information except passwords by crafting URL parameters...

4.3CVSS5AI score0.00868EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2021/11/16 1:34 a.m.2 views

CVE-2021-42337

The permission control of AIFU cashier management salary query function can be bypassed, thus after obtaining general user’s permission, the remote attacker can access account information except passwords by crafting URL parameters...

4.3CVSS5.8AI score0.00868EPSS
Exploits0References2
Rows per page
Query Builder