mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 09:12:08 +00:00
967 B
967 B
CVE-2019-14347
Description
Internal/Views/addUsers.php in Schben Adive 2.0.7 allows remote unprivileged users (editor or developer) to create an administrator account via admin/user/add, as demonstrated by a Python PoC script.
POC
Reference
- http://packetstormsecurity.com/files/155213/Adive-Framework-2.0.7-Privilege-Escalation.html
- http://packetstormsecurity.com/files/155213/Adive-Framework-2.0.7-Privilege-Escalation.html
- https://hackpuntes.com/cve-2019-14347-escalacion-de-privilegios-en-adive/
- https://hackpuntes.com/cve-2019-14347-escalacion-de-privilegios-en-adive/