exploitDog

CVE-2020-37091

Опубликовано: 03 фев. 2026

Источник: nvd

CVSS3: 5.3

EPSS Низкий

Описание

Maian Support Helpdesk 4.3 contains a cross-site request forgery vulnerability that allows attackers to create administrative accounts without authentication. Attackers can craft malicious HTML forms to add admin users and upload PHP files with unrestricted file upload capabilities through the FAQ attachment system.

Ссылки

EPSS

Процентиль: 5%

0.00023

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-352

Связанные уязвимости

GHSA-2rv2-xrc4-x25w

CVSS3: 5.3

github

4 дня назад

Maian Support Helpdesk 4.3 contains a cross-site request forgery vulnerability that allows attackers to create administrative accounts without authentication. Attackers can craft malicious HTML forms to add admin users and upload PHP files with unrestricted file upload capabilities through the FAQ attachment system.

EPSS

Процентиль: 5%

0.00023

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-352