White Shark System (WSS) 1.3.2 has a sensitive information disclosure vulnerability. The if_get_addbook.php file does not have an authentication operation. Remote attackers can obtain username information for all users of the current site.
References
Link | Resource |
---|---|
https://github.com/itodaro/WhiteSharkSystem_cve | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Information
Published : 2021-06-20 22:15
Updated : 2021-06-23 12:23
NVD link : CVE-2020-20472
Mitre link : CVE-2020-20472
JSON object : View
CWE
CWE-306
Missing Authentication for Critical Function
Products Affected
white_shark_systems_project
- white_shark_systems