CVE-2021-41696 · Vexday

CVE-2021-41696

EPSS 0.9%

An authentication bypass (account takeover) vulnerability exists in Premiumdatingscript 4.2.7.7 due to a weak password reset mechanism in requests\user.php.

Affected products

n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.chudamax.com/posts/multiple-vulnerabilities-in-belloo-dating-script/