Описание
AlstraSoft Live Support 1.21 sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote attackers to obtain administrative access via a direct request to admin/managesettings.php.
Ссылки
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:alstrasoft:live_support:1.21:*:*:*:*:*:*:*
EPSS
Процентиль: 90%
0.05352
Низкий
10 Critical
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
AlstraSoft Live Support 1.21 sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote attackers to obtain administrative access via a direct request to admin/managesettings.php.
EPSS
Процентиль: 90%
0.05352
Низкий
10 Critical
CVSS2
Дефекты
NVD-CWE-Other