15 matches found
EUVD-2019-5563
Malware in sbrugna...
EUVD-2019-5562
Malware in sbrugna...
CVE-2019-14346
Internal/Views/config.php in Schben Adive 2.0.7 allows admin/config CSRF to change a user password...
CVE-2019-14347
Internal/Views/addUsers.php in Schben Adive 2.0.7 allows remote unprivileged users editor or developer to create an administrator account via admin/user/add, as demonstrated by a Python PoC script...
Schben Adive Cross-Site Request Forgery Vulnerability
Schben Adive is a PHP-based web development framework . A cross-site request forgery vulnerability exists in the Internal/Views/config.php file in Schben Adive version 2.0.7, which stems from a WEB application that does not adequately validate whether a request is coming from a trusted user, and...
CVE-2019-14347
Internal/Views/addUsers.php in Schben Adive 2.0.7 allows remote unprivileged users editor or developer to create an administrator account via admin/user/add, as demonstrated by a Python PoC script...
Design/Logic Flaw
Internal/Views/addUsers.php in Schben Adive 2.0.7 allows remote unprivileged users editor or developer to create an administrator account via admin/user/add, as demonstrated by a Python PoC script...
CVE-2019-14347
Internal/Views/addUsers.php in Schben Adive 2.0.7 allows remote unprivileged users editor or developer to create an administrator account via admin/user/add, as demonstrated by a Python PoC script...
CVE-2019-14347
Schben Adive 2.0.7 contains a privilege-escalation vector in Internal/Views/addUsers.php that lets remote unauthenticated (unprivileged) users with editor/developer roles create an administrator account via admin/user/add. The issue is demonstrated by a Python PoC and is discussed in multiple thi...
CVE-2019-14346
Internal/Views/config.php in Schben Adive 2.0.7 allows admin/config CSRF to change a user password...
CVE-2019-14346
Internal/Views/config.php in Schben Adive 2.0.7 allows admin/config CSRF to change a user password...
Cross site request forgery (csrf)
Internal/Views/config.php in Schben Adive 2.0.7 allows admin/config CSRF to change a user password...
CVE-2019-14346
CVE-2019-14346 affects Schben Adive 2.0.7. The vulnerability is a Cross-Site Request Forgery in Internal/Views/config.php that allows an admin/config CSRF to change a user password due to insufficient validation of request origin. Root cause stated as Web application not adequately validating tru...
CVE-2019-14346
Internal/Views/config.php in Schben Adive 2.0.7 allows admin/config CSRF to change a user password...
PT-2019-13626 · Unknown · Schben Adive
Name of the Vulnerable Software and Affected Versions: Schben Adive version 2.0.7 Description: The issue allows remote unprivileged users, such as editors or developers, to create an administrator account. This can be achieved via the admin/user/add endpoint, as demonstrated by a Python...