Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
HAX CMS has Unauthenticated Git Access via User-Controlled Key
Vulnerability Description
HAX CMS helps manage microsite universe with PHP or NodeJs backends. Starting in version 2.0.0 and prior to version 26.0.0, the gitlist plugin is exposed to unauthenticated users, allowing unauthenticated browsing of git repositories and git history. Version 26.0.0 patches the issue.
CVSS Information
N/A
Vulnerability Type
通过用户控制密钥绕过授权机制
Vulnerability Title
HAX 安全漏洞
Vulnerability Description
HAX是HAX The Web开源的一个HAX+CMS使用PHP后端管理的微型网站。 HAX 2.0.0版本至26.0.0之前版本存在安全漏洞,该漏洞源于gitlist插件暴露给未认证用户,可能导致未认证用户浏览git仓库和git历史。
CVSS Information
N/A
Vulnerability Type
N/A