3 matches found
CVE-2020-27997
An issue was discovered in SmartStoreNET before 4.1.0. Lack of Cross Site Request Forgery CSRF protection may lead to elevation of privileges e.g., /admin/customer/create to create an admin account...
CVE-2020-27997
creationtimestamp| type| source ---|---|--- 2024-09-28 17:40:10+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/2056...
CVE-2020-27997
CVE-2020-27997 affects SmartStoreNET before 4.1.0. The issue is a CSRF protection gap that may allow elevation of privileges, for example by calling /admin/customer/create to create an admin account. The available documents confirm the vulnerability's existence and context but do not provide conc...