Описание
Advent/SSC Inc. Tamale RMS < 23.1 is vulnerable to Directory Traversal. The configuration backup file, which contains username hashes, cleartext passwords, and API keys, can be downloaded. This could allow a malicious actor to crack the passwords offline and/or utilize the API keys to control the remote application.
Advent/SSC Inc. Tamale RMS < 23.1 is vulnerable to Directory Traversal. The configuration backup file, which contains username hashes, cleartext passwords, and API keys, can be downloaded. This could allow a malicious actor to crack the passwords offline and/or utilize the API keys to control the remote application.
Связанные уязвимости
Advent/SSC Inc. Tamale RMS < 23.1 is vulnerable to Directory Traversal. If one traverses to the affected URL, one enumerates Contact information on the host which contains usernames, e-mail addresses, and other internal information stored within the web app.