Lucene search

VulDBCVELIST:CVE-2017-20075

HistoryJun 21, 2022 - 6:05 a.m.

CVE-2017-20075 Hindu Matrimonial Script payment.php privileges management

2022-06-2106:05:55

CWE-269

VulDB

www.cve.org

cve-2017-20075

hindu matrimonial script

payment.php

privileges management

remote attack

improper privilege management

critical vulnerability

public disclosure

CVSS3

6.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

AI Score

8.8

Confidence

High

EPSS

0.002

Percentile

62.2%

JSON

A vulnerability was found in Hindu Matrimonial Script. It has been classified as critical. This affects an unknown part of the file /admin/payment.php. The manipulation leads to improper privilege management. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

CNA Affected

[
  {
    "product": "Hindu Matrimonial Script",
    "vendor": "unspecified",
    "versions": [
      {
        "status": "affected",
        "version": "n/a"
      }
    ]
  }
]

References

vuldb.com/?id.95415

www.exploit-db.com/exploits/41044/