CVE-2024-1701 | keerti1924 PHP-MYSQL-User-Login-System 1.0 /edit.php access control

Inserito da Angelo Barbosa | Feb 21, 2024 | CVE

A vulnerability has been found in keerti1924 PHP-MYSQL-User-Login-System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /edit.php. The manipulation leads to improper access controls.

This vulnerability is known as CVE-2024-1701. The attack can be launched remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-1701 | keerti1924 PHP-MYSQL-User-Login-System 1.0 /edit.php access control

Post correlati

CVE-2024-0625 | WPFront Notification Bar up to 3.3.2 on WordPress wpfront-notification-bar-options[custom_class] cross site scripting

CVE-2024-33593 | RedNao Smart Forms Plugin up to 2.6.91 on WordPress authorization

CVE-2024-2277 | Bdtask G-Prescription Gynaecology & OBS Consultation Software Password Reset change_password_save cross-site request forgery

CVE-2024-0596 | Awesome Support Plugin up to 6.1.7 on WordPress editor_html authorization