exploitDog

CVE-2020-35273

Опубликовано: 21 дек. 2020

Источник: nvd

CVSS3: 8

CVSS2: 6

EPSS Низкий

Описание

EgavilanMedia User Registration & Login System with Admin Panel 1.0 is affected by Cross Site Request Forgery (CSRF) to remotely gain privileges in the User Profile panel. An attacker can update any user's account.

Ссылки

http://egavilanmedia.com
Vendor Advisory
https://www.exploit-db.com/exploits/49151
Exploit
Third Party Advisory
VDB Entry
http://egavilanmedia.com
Vendor Advisory
https://www.exploit-db.com/exploits/49151
Exploit
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:egavilanmedia:user_registration_\&_login_system_with_admin_panel:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 38%

0.00163

Низкий

8 High

CVSS3

6 Medium

CVSS2

Дефекты

CWE-352

Связанные уязвимости

GHSA-92h4-jh72-6gpm

github

больше 3 лет назад

EgavilanMedia User Registration & Login System with Admin Panel 1.0 is affected by Cross Site Request Forgery (CSRF) to remotely gain privileges in the User Profile panel. An attacker can update any user's account.

EPSS

Процентиль: 38%

0.00163

Низкий

8 High

CVSS3

6 Medium

CVSS2

Дефекты

CWE-352