CVE-2021-37394
In RPCMS v1.8 and below, attackers can interact with API and change variable "role" to "admin" to achieve admin user registration.
Date published : 2021-07-26
https://gist.github.com/victomteng1997/bfa1e0e07dd22f7e0b13256eda79626f
In RPCMS v1.8 and below, attackers can interact with API and change variable "role" to "admin" to achieve admin user registration.
Date published : 2021-07-26
https://gist.github.com/victomteng1997/bfa1e0e07dd22f7e0b13256eda79626f