CVE-2020-19964

A Cross Site Request Forgery (CSRF) vulnerability was discovered in PHPMyWind 5.6 which allows attackers to create a new administrator account without authentication.
References
Link Resource
https://github.com/gaozhifeng/PHPMyWind Product Third Party Advisory
https://github.com/gaozhifeng/PHPMyWind/issues/9 Exploit Third Party Advisory
http://phpmywind.com Broken Link
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:phpmywind:phpmywind:5.6:*:*:*:*:*:*:*

Information

Published : 2021-10-14 08:15

Updated : 2021-10-19 12:25


NVD link : CVE-2020-19964

Mitre link : CVE-2020-19964


JSON object : View

CWE
CWE-352

Cross-Site Request Forgery (CSRF)

Advertisement

dedicated server usa

Products Affected

phpmywind

  • phpmywind