Описание
Froxlor is open source server administration software. Prior to version 2.1.2, it was possible to submit the registration form with the essential fields, such as the username and password, left intentionally blank. This inadvertent omission allowed for a bypass of the mandatory field requirements (e.g. surname, company name) established by the system. Version 2.1.2 fixes this issue.
Ссылки
- Patch
- ExploitVendor Advisory
- Exploit
- Patch
- ExploitVendor Advisory
- Exploit
Уязвимые конфигурации
Конфигурация 1Версия до 2.1.2 (исключая)
cpe:2.3:a:froxlor:froxlor:*:*:*:*:*:*:*:*
EPSS
Процентиль: 14%
0.00045
Низкий
7.5 High
CVSS3
Дефекты
CWE-20
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 7.5
debian
около 2 лет назад
Froxlor is open source server administration software. Prior to versio ...
CVSS3: 7.5
github
около 2 лет назад
Froxlor username/surname AND company field Bypass
EPSS
Процентиль: 14%
0.00045
Низкий
7.5 High
CVSS3
Дефекты
CWE-20
NVD-CWE-noinfo