CVE-2026-1197

Low CVSS: 2.3

A vulnerability was detected in MineAdmin 1.x/2.x. Affected by this vulnerability is an unknown functionality of the file /system/downloadById. Performing a manipulation of the argument ID results in information disclosure. The attack can be initiated remotely. The attack's complexity is rated as high. The exploitation appears to be difficult. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Vendor

Mineadmin

Product

Mineadmin

CWE

CWE-200

Yayın Tarihi

2026-01-20 01:15:56

Güncelleme

2026-02-05 17:51:25

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-200 Mineadmin LOW Mineadmin 2026

Referanslar

https://github.com/SourByte05/MineAdmin-Vulnerability/issues/2 https://vuldb.com/?ctiid.341782 https://vuldb.com/?id.341782 https://vuldb.com/?submit.734274

Benzer Kayıtlar

Low

CVE-2026-1195

A weakness has been identified in MineAdmin 1.x/2.x. This impacts the function refresh of the file /system/refresh of th…

Low

CVE-2026-1196

A security vulnerability has been detected in MineAdmin 1.x/2.x. Affected is an unknown function of the file /system/get…

Medium

CVE-2026-1194

A security flaw has been discovered in MineAdmin 1.x/2.x. This affects an unknown function of the component Swagger. The…

Medium

CVE-2026-1193

A vulnerability was identified in MineAdmin 1.x/2.x. The impacted element is an unknown function of the file /system/cac…

Critical

CVE-2025-65854

Insecure permissions in the scheduled tasks feature of MineAdmin v3.x allows attackers to execute arbitrary commands and…