EUVD-2021-24272

Malware in sbrugna...

CVE-2021-37791

MyAdmin v1.0 is affected by an incorrect access control vulnerability in viewing personal center in /api/user/userData?userCode=admin...

CVE-2022-39301 sra-admin is vulnerable to storage cross-site scripting (XSS) via unrestricted file upload

sra-admin is a background rights management system that separates the front and back end. sra-admin version 1.1.1 has a storage cross-site scripting XSS vulnerability. After logging into the sra-admin background, an attacker can upload an html page containing xss attack code in "Personal Center" ...

CVE-2021-37791

MyAdmin v1.0 is affected by an incorrect access control vulnerability in viewing personal center in /api/user/userData?userCode=admin...

Improper access control

MyAdmin v1.0 is affected by an incorrect access control vulnerability in viewing personal center in /api/user/userData?userCode=admin...

CVE-2021-37791

CVE-2021-37791 affects MyAdmin v1.0 and is caused by an incorrect access control in the /api/user/userData?userCode=admin endpoint, exposing personal center data. The NVD entry lists CVSSv2 4.0 (MEDIUM) and CVSSv3.1 4.9 (MEDIUM); impact is confidentiality-only in CVSSv2 and high confidentiality i...

MyAdmin 安全漏洞

MyAdmin is a backend management system for cdfan personal developers. A security vulnerability exists in MyAdmin v1.0, which stems from an incorrect access control vulnerability when viewing the Personal Center in /api/user/userData?userCode=admin...