mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 01:04:30 +00:00
795 B
795 B
CVE-2019-14347
Description
Internal/Views/addUsers.php in Schben Adive 2.0.7 allows remote unprivileged users (editor or developer) to create an administrator account via admin/user/add, as demonstrated by a Python PoC script.
POC
Reference
- http://packetstormsecurity.com/files/155213/Adive-Framework-2.0.7-Privilege-Escalation.html
- https://hackpuntes.com/cve-2019-14347-escalacion-de-privilegios-en-adive/