Incorrect access control in the component /index.php?mod=system&op=orgtree of dzzoffice 2.02.1_SC_UTF8 allows unauthenticated attackers to browse departments and usernames.
References
Link | Resource |
---|---|
https://github.com/zyx0814/dzzoffice/issues/184 | Exploit Issue Tracking |
https://github.com/zyx0814/dzzoffice/issues/184 | Exploit Issue Tracking |
Configurations
History
05 Dec 2024, 15:15
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-863 |
21 Nov 2024, 06:03
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/zyx0814/dzzoffice/issues/184 - Exploit, Issue Tracking |
05 Jul 2023, 20:17
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:dzzoffice:dzzoffice:2.02.1:*:*:*:*:*:*:* | |
CWE | NVD-CWE-Other | |
References | (MISC) https://github.com/zyx0814/dzzoffice/issues/184 - Exploit, Issue Tracking | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.3 |
27 Jun 2023, 16:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-06-27 14:15
Updated : 2024-12-05 15:15
NVD link : CVE-2021-30205
Mitre link : CVE-2021-30205
CVE.ORG link : CVE-2021-30205
JSON object : View
Products Affected
dzzoffice
- dzzoffice
CWE