mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 01:04:30 +00:00
855 B
855 B
CVE-2019-17605
Description
A mass assignment vulnerability in eyecomms eyeCMS through 2019-10-15 allows any candidate to take over another candidate's account (by also exploiting CVE-2019-17604) via a modified candidate id and an additional password parameter. The outcome is that the password of this other candidate is changed.
POC
Reference
- https://gist.github.com/AhMyth/6d9c5e15d943dd092ccca19fca8d5d37
- https://gist.github.com/AhMyth/6d9c5e15d943dd092ccca19fca8d5d37
Github
No PoCs found on GitHub currently.