exploitDog

GHSA-5q6p-5c2h-f5h7

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

Scubez Posty Readymade Classifieds has Incorrect Access Control for visiting admin/user_activate_submit.php (aka the backend PHP script), which might allow remote attackers to obtain sensitive information via a direct request.

Scubez Posty Readymade Classifieds has Incorrect Access Control for visiting admin/user_activate_submit.php (aka the backend PHP script), which might allow remote attackers to obtain sensitive information via a direct request.

Ссылки

EPSS

Процентиль: 55%

0.00323

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-732

Связанные уязвимости

CVE-2017-17568

CVSS3: 7.5

nvd

около 8 лет назад

Scubez Posty Readymade Classifieds has Incorrect Access Control for visiting admin/user_activate_submit.php (aka the backend PHP script), which might allow remote attackers to obtain sensitive information via a direct request.

EPSS

Процентиль: 55%

0.00323

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-732