Ecjia

ecjia

1 CVE • 1 product

Products (1)

Click to collapse

Toggle

Daojia

daojia

1 CVE

CVEs (1)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-27055 1Ecjia 1Daojia Nov 21, 2024 Apr 19, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 ecjia-daojia 1.38.1-20210202629 is vulnerable to information leakage via content/apps/installer/classes/Helper.php. When the web program is installed, a new environment file is created, and the database information is re...Show more ecjia-daojia 1.38.1-20210202629 is vulnerable to information leakage via content/apps/installer/classes/Helper.php. When the web program is installed, a new environment file is created, and the database information is recorded, including the database record password. NOTE: the vendor disputes this because the environment file is in the data directory, which is not intended for access by website visitors (only the statics directory can be accessed by website visitors)Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2022-27055

1Ecjia

1Daojia

Nov 21, 2024

Apr 19, 2022

N/A· v4

7.5 HIGH· v3

5.0 MEDIUM· v2

ecjia-daojia 1.38.1-20210202629 is vulnerable to information leakage via content/apps/installer/classes/Helper.php. When the web program is installed, a new environment file is created, and the database information is recorded, including the database record password. NOTE: the vendor disputes this because the environment file is in the data directory, which is not intended for access by website visitors (only the statics directory can be accessed by website visitors)Show less