exploitDog

GHSA-qg25-rr8f-97f2

Опубликовано: 01 мая 2022

Источник: github

Github: Не прошло ревью

Описание

utilities/register.asp in Nukedit 4.9.6 and earlier allows remote attackers to create new users as part of arbitrary groups, including the administrative group, via a modified groupid parameter when creating a user via the addDB action.

utilities/register.asp in Nukedit 4.9.6 and earlier allows remote attackers to create new users as part of arbitrary groups, including the administrative group, via a modified groupid parameter when creating a user via the addDB action.

Ссылки

EPSS

Процентиль: 93%

0.09624

Низкий

CVE ID

Связанные уязвимости

CVE-2006-2737

nvd

больше 19 лет назад

utilities/register.asp in Nukedit 4.9.6 and earlier allows remote attackers to create new users as part of arbitrary groups, including the administrative group, via a modified groupid parameter when creating a user via the addDB action.

EPSS

Процентиль: 93%

0.09624

Низкий

CVE ID