exploitDog

GHSA-m857-mpg8-9p23

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

Instant Update CMS contains a Password Reset Vulnerability vulnerability in /iu-application/controllers/administration/auth.php that can result in Account Tackover. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in v0.3.3.

Instant Update CMS contains a Password Reset Vulnerability vulnerability in /iu-application/controllers/administration/auth.php that can result in Account Tackover. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in v0.3.3.

Ссылки

EPSS

Процентиль: 64%

0.00466

Низкий

9.8 Critical

CVSS3

CVE ID

CVE-2018-1000501

Дефекты

CWE-640

Связанные уязвимости

CVE-2018-1000501

CVSS3: 9.8

nvd

больше 7 лет назад

Instant Update CMS contains a Password Reset Vulnerability vulnerability in /iu-application/controllers/administration/auth.php that can result in Account Tackover. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in v0.3.3.

EPSS

Процентиль: 64%

0.00466

Низкий

9.8 Critical

CVSS3

CVE ID

CVE-2018-1000501

Дефекты

CWE-640