CVE-2020-8425

Cups Easy (Purchase & Inventory) 1.0 is vulnerable to CSRF that leads to admin account deletion via userdelete.php.
Configurations

Configuration 1 (hide)

cpe:2.3:a:cups_easy_\(purchase_\&_inventory\)_project:cups_easy_\(purchase_\&_inventory\):1.0:*:*:*:*:*:*:*

History

21 Nov 2024, 05:38

Type Values Removed Values Added
References () http://packetstormsecurity.com/files/156140/Cups-Easy-1.0-Cross-Site-Request-Forgery.html - Exploit, Third Party Advisory, VDB Entry () http://packetstormsecurity.com/files/156140/Cups-Easy-1.0-Cross-Site-Request-Forgery.html - Exploit, Third Party Advisory, VDB Entry
References () https://github.com/J3rryBl4nks/CUPSEasyExploits - Exploit, Third Party Advisory () https://github.com/J3rryBl4nks/CUPSEasyExploits - Exploit, Third Party Advisory

Information

Published : 2020-01-28 23:15

Updated : 2024-11-21 05:38


NVD link : CVE-2020-8425

Mitre link : CVE-2020-8425

CVE.ORG link : CVE-2020-8425


JSON object : View

Products Affected

cups_easy_\(purchase_\&_inventory\)_project

  • cups_easy_\(purchase_\&_inventory\)
CWE
CWE-352

Cross-Site Request Forgery (CSRF)