← voltar
CVE-2019-17605

CVE-2019-17605

EPSS 1.1%
A mass assignment vulnerability in eyecomms eyeCMS through 2019-10-15 allows any candidate to take over another candidate's account (by also exploiting CVE-2019-17604) via a modified candidate id and an additional password parameter. The outcome is that the password of this other candidate is changed.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://gist.github.com/AhMyth/6d9c5e15d943dd092ccca19fca8d5d37http://www.eyecomms.com/Products/eyeCMS.html