Back to search
CVE-2019-11233
Published: Jun 19, 2019
Modified: Aug 4, 2024
PUBLISHED
Description
EXCELLENT INFOTEK BiYan v1.57 ~ v2.8 allows an attacker to leak user information without being authenticated, by sending a LOGIN_ID element to the auth/main/asp/check_user_login_info.aspx URI, and then reading the response, as demonstrated by the KW_EMAIL or KW_TEL field.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://gist.github.com/keniver/dd27ba44d0aef4318551e647d927242f
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now