Описание
A vulnerability, which was classified as critical, was found in Fanli2012 native-php-cms 1.0. This affects an unknown part of the file /fladmin/user_recoverpwd.php. The manipulation leads to use of default credentials. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Ссылки
- ExploitIssue TrackingVendor Advisory
- ExploitIssue TrackingVendor Advisory
- Permissions RequiredVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- ExploitIssue TrackingVendor Advisory
- ExploitIssue TrackingVendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:native-php-cms_project:native-php-cms:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 40%
0.00185
Низкий
7.3 High
CVSS3
7.5 High
CVSS2
Дефекты
CWE-1392
NVD-CWE-Other
Связанные уязвимости
CVSS3: 7.3
github
около 1 года назад
A vulnerability, which was classified as critical, was found in Fanli2012 native-php-cms 1.0. This affects an unknown part of the file /fladmin/user_recoverpwd.php. The manipulation leads to use of default credentials. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
EPSS
Процентиль: 40%
0.00185
Низкий
7.3 High
CVSS3
7.5 High
CVSS2
Дефекты
CWE-1392
NVD-CWE-Other