Описание
A vulnerability was identified in PHPGurukul News Portal 1.0. The affected element is an unknown function of the file /admin/add-subadmins.php of the component Add Sub-Admin Page. Such manipulation leads to improper authorization. The attack can be launched remotely. The exploit is publicly available and might be used.
Ссылки
- ExploitMitigationThird Party Advisory
- Product
- Permissions RequiredVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:phpgurukul:news_portal:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 13%
0.00042
Низкий
6.3 Medium
CVSS3
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-266
Связанные уязвимости
CVSS3: 6.3
github
20 дней назад
A vulnerability was identified in PHPGurukul News Portal 1.0. The affected element is an unknown function of the file /admin/add-subadmins.php of the component Add Sub-Admin Page. Such manipulation leads to improper authorization. The attack can be launched remotely. The exploit is publicly available and might be used.
EPSS
Процентиль: 13%
0.00042
Низкий
6.3 Medium
CVSS3
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-266