TaleLin Lin-CMS Password Vulnerability in Configuration File
Vulnerability
A vulnerability exists in TaleLin Lin-CMS through version 0.6.0, in the config.py file of the Tests Folder. Improper handling of the username/password argument can lead to the password being stored in a configuration file. The vulnerability can be exploited remotely, although the attack complexity is considered high. Exploitation details have been publicly disclosed.
Impact
Exploitation of this vulnerability allows unauthorized access to the default administrator account, potentially leading to a complete system takeover and exposure of sensitive information.
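A check for this class of issue can run in CI or as a pre-commit step. The scanner below is an added example, not code from Lin-CMS or from this advisory: it parses a Python configuration file and reports string literals bound to credential-like names. The name patterns, the function names and the sample file are assumptions made for illustration.

```python
import ast
import re

# Credential-like names and placeholder values; both patterns are assumptions of this example.
SECRET_NAME = re.compile(r"passw(or)?d|pwd|secret|token|api_?key", re.I)
PLACEHOLDER = re.compile(r"^(|changeme|<.*>|\$\{.*\})$", re.I)

def _is_literal_secret(name, value):
    """True when a credential-like name is bound to a non-placeholder string literal."""
    return bool(isinstance(name, str) and SECRET_NAME.search(name)
                and isinstance(value, ast.Constant) and isinstance(value.value, str)
                and not PLACEHOLDER.match(value.value))

def find_hardcoded_credentials(source, filename="config.py"):
    """Return sorted (filename, line, name) tuples for literals bound to credential names."""
    findings = []
    for node in ast.walk(ast.parse(source, filename)):
        pairs = []
        if isinstance(node, ast.Assign):          # password = "..." / cfg.password = "..."
            for target in node.targets:
                name = getattr(target, "id", None) or getattr(target, "attr", None)
                pairs.append((name, node.value))
        elif isinstance(node, ast.Dict):          # {"password": "..."}
            for key, value in zip(node.keys, node.values):
                pairs.append((getattr(key, "value", None), value))
        elif isinstance(node, ast.Call):          # login(password="...")
            pairs.extend((kw.arg, kw.value) for kw in node.keywords)
        findings += [(filename, value.lineno, name)
                     for name, value in pairs if _is_literal_secret(name, value)]
    return sorted(findings, key=lambda f: f[1])

# Constructed sample, not the contents of the Lin-CMS file.
SAMPLE = '''\
import os
username = "root"
password = "example-password"
db = {"user": "app", "passwd": "example-db-pw"}
token = os.environ.get("API_TOKEN")
login(username=username, password="example-inline")
secret_key = ""
'''

if __name__ == "__main__":
    for path, line, name in find_hardcoded_credentials(SAMPLE):
        print(f"{path}:{line}: string literal assigned to '{name}'")
```

Values read at runtime (such as the environment lookup on line 5 of the sample) and empty placeholders are not reported; only literals committed to the file are.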
