Описание
Cross-site request forgery (CSRF) vulnerability in admin/settings.php in IPN Pro 3 1.44 and earlier allows remote attackers to change the admin password via a logout action in conjunction with the admin_id, newpass_1, and newpass_2 parameters.
Уязвимые конфигурации
Конфигурация 1Версия до 1.44 (включая)
cpe:2.3:a:ipn-mate:ipn_pro_3:*:*:*:*:*:*:*:*
EPSS
Процентиль: 63%
0.00447
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-352
Связанные уязвимости
github
больше 3 лет назад
Cross-site request forgery (CSRF) vulnerability in admin/settings.php in IPN Pro 3 1.44 and earlier allows remote attackers to change the admin password via a logout action in conjunction with the admin_id, newpass_1, and newpass_2 parameters.
EPSS
Процентиль: 63%
0.00447
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-352