ThemeGrill Demo Importer 漏洞列表

共找到 2 个与 ThemeGrill Demo Importer 相关的漏洞

📅 加载漏洞趋势中...

CVE-2020-36333: ThemeGrill Demo Importer < 1.6.2 - Database Reset POC

日期: 2025-08-01 | 影响软件: ThemeGrill Demo Importer

ThemeGrill Demo Importer before 1.6.2 does not require authentication for wiping the database due to a reset_wizard_actions hook. In versions 1.3.4 and above and versions 1.6.1 and below, there is a vulnerability that allows any unauthenticated user to wipe the entire database to its default state after which they are automatically logged in as an administrator.
CVE-2020-36333: ThemeGrill Demo Importer < 1.6.2 - Database Reset POC

日期: 2025-08-01 | 影响软件: ThemeGrill Demo Importer

ThemeGrill Demo Importer before 1.6.2 does not require authentication for wiping the database due to a reset_wizard_actions hook. In versions 1.3.4 and above and versions 1.6.1 and below, there is a vulnerability that allows any unauthenticated user to wipe the entire database to its default state after which they are automatically logged in as an administrator.