Описание
WoWonder The Ultimate PHP Social Network Platform v4.0.0 was discovered to contain an access control issue which allows unauthenticated attackers to arbitrarily change group ID names.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:wowonder:wowonder:4.0:*:*:*:*:*:*:*
EPSS
Процентиль: 73%
0.00768
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-639
Связанные уязвимости
CVSS3: 5.3
github
почти 4 года назад
WoWonder The Ultimate PHP Social Network Platform v4.0.0 was discovered to contain an access control issue which allows unauthenticated attackers to arbitrarily change group ID names.
EPSS
Процентиль: 73%
0.00768
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-639