PT-2025-18006 · Unknown · Dazhouda Lecms

Dtwin

Publicado

2025-04-27

Atualizado

2025-05-12

CVE-2025-3978

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions dazhouda lecms version 3.0.3

Description A vulnerability was found in the software, which has been rated as problematic. It affects some unknown functionality of the file admin/view/default/user set.htm, leading to information disclosure. The attack may be launched remotely.

Recommendations For dazhouda lecms version 3.0.3, consider restricting access to the file admin/view/default/user set.htm to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Information Disclosure

Improper Access Control

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200CWE-284

Identificadores relacionados

CVE-2025-3978

Produtos afetados

Dazhouda Lecms

PT-2025-18006 · Unknown · Dazhouda Lecms

CVE-2025-3978

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 11