CVE-2020-8424

Cups Easy (Purchase & Inventory) 1.0 is vulnerable to CSRF that leads to admin account takeover via passwordmychange.php.
Configurations

Configuration 1 (hide)

cpe:2.3:a:cups_easy_project:cups_easy:1.0:*:*:*:*:*:*:*

History

21 Nov 2024, 05:38

Type Values Removed Values Added
References () http://packetstormsecurity.com/files/156140/Cups-Easy-1.0-Cross-Site-Request-Forgery.html - Exploit, Third Party Advisory, VDB Entry () http://packetstormsecurity.com/files/156140/Cups-Easy-1.0-Cross-Site-Request-Forgery.html - Exploit, Third Party Advisory, VDB Entry
References () https://github.com/J3rryBl4nks/CUPSEasyExploits - Exploit, Third Party Advisory () https://github.com/J3rryBl4nks/CUPSEasyExploits - Exploit, Third Party Advisory

Information

Published : 2020-01-28 23:15

Updated : 2024-11-21 05:38


NVD link : CVE-2020-8424

Mitre link : CVE-2020-8424

CVE.ORG link : CVE-2020-8424


JSON object : View

Products Affected

cups_easy_project

  • cups_easy
CWE
CWE-352

Cross-Site Request Forgery (CSRF)