Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
BiYan Information Leakage

BiYan Information Leakage

BiYan 筆硯 is a well-known document system that is widely used in Asia that developed by EXCELLENT INFOTEK 傑印.

This vulnerability allows an attacker to reveal user information without being authenticated and login to the system.

Vulns

Information Leakage 1 (CVE-2019-11233)

The HTTP response contains information about the target user. RESPONSE_01

Information Leakage 2 (CVE-2019-11232)

The HTTP response contains information and password about the target user.

PWD_Plaintext

Notes

  1. BiYan 筆硯
  2. EXCELLENT INFOTEK 傑印

Credits

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.