exploitDog

CVE-2021-41694

Опубликовано: 09 дек. 2021

Источник: nvd

CVSS3: 9.8

CVSS2: 5

EPSS Низкий

Описание

An Incorrect Access Control vulnerability exists in Premiumdatingscript 4.2.7.7 via the password change procedure in requests\user.php.

Ссылки

https://www.chudamax.com/posts/multiple-vulnerabilities-in-belloo-dating-script/
Exploit
Third Party Advisory
https://www.chudamax.com/posts/multiple-vulnerabilities-in-belloo-dating-script/
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:globaldatingsoftware:premiumdatingscript:4.2.7.7:*:*:*:*:*:*:*

EPSS

Процентиль: 57%

0.00353

Низкий

9.8 Critical

CVSS3

5 Medium

CVSS2

Дефекты

CWE-330

Связанные уязвимости

GHSA-ggp6-pc6f-gh53

CVSS3: 9.8

github

около 4 лет назад

An Incorrect Access Control vulnerability exists in Premiumdatingscript 4.2.7.7 via the password change procedure in requests\user.php.

EPSS

Процентиль: 57%

0.00353

Низкий

9.8 Critical

CVSS3

5 Medium

CVSS2

Дефекты

CWE-330