2 matches found
CVE-2018-19222
An issue was discovered in LAOBANCMS 2.0. It allows a /install/mysqlhy.php?riqi=0&i=0 attack to reset the admin password, even if install.txt exists...
CVE-2018-19222
The CVE-2018-19222 entry concerns LAOBANCMS 2.0, where an attacker can trigger an administrator password reset via the path /install/mysql_hy.php?riqi=0&i=0, even if install.txt exists. The issue is described across multiple sources (Red Hat, CNVD, NVD, CVE listings) as a password-reset vulnerabi...