Описание
The print_html_to_file function in edit.cgi for Easy Homepage Creator 1.0 does not check user credentials, which allows remote attackers to modify home pages of other users.
Ссылки
- ExploitPatchVendor Advisory
- Vendor Advisory
- ExploitVendor Advisory
- ExploitPatchVendor Advisory
- Vendor Advisory
- ExploitVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:easy_scripts_archive:advanced_easy_homepage_creator:1.0:*:*:*:*:*:*:*
cpe:2.3:a:easy_scripts_archive:easy_homepage_creator:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 86%
0.03062
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
The print_html_to_file function in edit.cgi for Easy Homepage Creator 1.0 does not check user credentials, which allows remote attackers to modify home pages of other users.
EPSS
Процентиль: 86%
0.03062
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other