5 matches found
Exploit for CVE-2025-47227
🔓 CVE-2025-47227 — Critical Admin Password Reset Bypass in Scr...
ScriptCase 9.12.006 (23) - Remote Command Execution (RCE)
Exploit Title: ScriptCase 9.12.006 23 - Remote Command Execution RCE Date: 04/07/2025 Exploit Author: Alexandre ZANNI noraj & Alexandre DROULLÉ cabir Vendor Homepage: https://www.scriptcase.net/ Software Link: https://www.scriptcase.net/download/ Version: 1.0.003-build-2 Production Environment /...
CVE-2025-47227
In the Production Environment extension in Netmake ScriptCase through 9.12.006 23, the Administrator password reset mechanism is mishandled. Making both a GET and a POST request to login.php.is sufficient. An unauthenticated attacker can then bypass authentication via administrator account takeov...
CVE-2025-47227
Netmake ScriptCase Production Environment extension (up to 9.12.006) contains a vulnerability in the administrator password reset mechanism. Specifically, GET and POST requests to login.php can bypass authentication, enabling an unauthenticated administrator account takeover. The CVSS=3.1 base sc...
CVE-2025-47227
In the Production Environment extension in Netmake ScriptCase through 9.12.006 23, the Administrator password reset mechanism is mishandled. Making both a GET and a POST request to login.php.is sufficient. An unauthenticated attacker can then bypass authentication via administrator account takeov...