Incorrect access control in the User Registration page of Crypto Currency Tracker (CCT) before v9.5 allows unauthenticated attackers to register as an Admin account via a crafted POST request.
CPE | Name | Operator | Version |
---|---|---|---|
crypto_currency_tracker | le | 9.5 |