CVE-2020-8424
CVE-2020-8424 affects Cups Easy (Purchase & Inventory) 1.0. The vulnerability is a Cross-Site Request Forgery (CSRF) that can lead to an admin password change via passwordmychange.php, enabling admin account takeover. Connected sources document exploitation PoCs and writeups (e.g., Exploit DB, Pa...