CVE-2020-35273
HIGH WAF: Low
CVSS 8.0
Published: 2020-12-21
CWE-352
EgavilanMedia User Registration & Login System with Admin Panel 1.0 is affected by Cross Site Request Forgery (CSRF) to remotely gain privileges in the User Profile panel. An attacker can update any user's account.
WAF Coverage Analysis
Cross-Site Request Forgery (CSRF)
Low WAF Coverage
OWASP: A01:2021 Broken Access Control
Affected Software
| Vendor | Product | Version |
|---|---|---|
| egavilanmedia | user_registration_\&_login_system_with_admin_panel | 1.0 |
References
- egavilanmedia.com (Vendor Advisory)
- www.exploit-db.com (Exploit, Third Party Advisory, VDB Entry)