exploitDog

GHSA-q4h9-78vf-qm6j

Опубликовано: 01 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Help Desk Reloaded Free Help Desk does not remove or protect install.php once installation is complete, which allows remote attackers to gain privileges via a direct request to install.php, then navigating to accountsetup.php and creating a new user.

Help Desk Reloaded Free Help Desk does not remove or protect install.php once installation is complete, which allows remote attackers to gain privileges via a direct request to install.php, then navigating to accountsetup.php and creating a new user.

Ссылки

EPSS

Процентиль: 73%

0.00763

Низкий

CVE ID

Связанные уязвимости

CVE-2005-4025

nvd

около 20 лет назад

Help Desk Reloaded Free Help Desk does not remove or protect install.php once installation is complete, which allows remote attackers to gain privileges via a direct request to install.php, then navigating to accountsetup.php and creating a new user.

EPSS

Процентиль: 73%

0.00763

Низкий

CVE ID