CVE Vulnerabilities

CVE-2017-20072

Improper Privilege Management

Published: Jun 21, 2022 | Modified: Jun 28, 2022
CVSS 3.x
8.8
HIGH
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
6.5 MEDIUM
AV:N/AC:L/Au:S/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

A vulnerability, which was classified as critical, was found in Hindu Matrimonial Script. Affected is an unknown function of the file /admin/generalsettings.php. The manipulation leads to improper privilege management. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Weakness

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

Affected Software

Name Vendor Start Version End Version
Hindu_matrimonial_script Hindu_matrimonial_script_project - (including) - (including)

Potential Mitigations

References