漏洞描述
深圳市异度信息产业有限公司是一家以教育信息底层技术为核心,以推进教育信息化建设为目标的公司,该系统存在接口未授权访问可导致用户密码泄露。
异度云教育Users敏感信息泄露漏洞
PoC代码
暂无相关漏洞推荐
- POC unifi-create-user: UniFi - Unauthenticated Creation Access For Users
- POC CVE-2022-0769: Users Ultra <= 3.1.0 - SQL Injection
- POC mfa-console-password-disabled: MFA For RAM Users With Console Password - Disabled
- POC iam-user-password-change: Enable Self-Service Password Change for IAM Users
- POC s3-auth-fullcontrol: Restrict S3 Buckets FULL_CONTROL Access for Authenticated Users
- POC azure-entra-id-guest-users-unmonitored: Azure Entra ID Guest Users Unmonitored
- POC azure-mfa-not-enabled-privileged-users: Azure MFA Not Enabled for All Privileged Users
- POC gcloud-iam-admin-roles: IAM Users with Administrative Roles
- POC gcloud-iam-unrestricted-decryption: IAM Users with Unrestricted Data Decryption Permissions
- POC landray-zhihuixietong-dingusers-sqli: 蓝凌EIS智慧协同平台DingUsers.aspx接口存在SQL注入漏洞
- POC rdp-drive-redirection-allowed: Remote Desktop Users Can Redirect Drives
- POC usersnap-widget-csp-bypass: Content-Security-Policy Bypass - Usersnap Widget
- POC yisaitong-getallusers-disclosure: 亿赛通电子文档安全管理系统 getAllUsers 信息泄露漏洞