Описание
A security flaw has been discovered in PHPGurukul Small CRM 4.0. This impacts an unknown function of the file /admin/edit-user.php. The manipulation results in missing authorization. It is possible to launch the attack remotely. The exploit has been released to the public and may be exploited.
Ссылки
- ExploitThird Party Advisory
- Product
- Permissions RequiredVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 4.0 (включая)
cpe:2.3:a:phpgurukul:small_crm:*:*:*:*:*:*:*:*
EPSS
Процентиль: 12%
0.00042
Низкий
6.3 Medium
CVSS3
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-862
CWE-862
Связанные уязвимости
CVSS3: 6.3
github
около 1 месяца назад
A security flaw has been discovered in PHPGurukul Small CRM 4.0. This impacts an unknown function of the file /admin/edit-user.php. The manipulation results in missing authorization. It is possible to launch the attack remotely. The exploit has been released to the public and may be exploited.
EPSS
Процентиль: 12%
0.00042
Низкий
6.3 Medium
CVSS3
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-862
CWE-862