Incorrect access control in the User Registration page of Crypto Currency Tracker (CCT) before v9.5 allows unauthenticated attackers to register as an Admin account via a crafted POST request.
References
Link | Resource |
---|---|
https://codecanyon.net/item/crypto-currency-tracker-prices-charts-news-icos-info-and-more/21588008 | Product |
https://packetstormsecurity.com/files/174240/Crypto-Currency-Tracker-CCT-9.5-Add-Administrator.html | Exploit Third Party Advisory VDB Entry |
https://tregix.com/ | Not Applicable |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-09-08T00:00:00
Updated: 2023-09-08T02:41:31.087354
Reserved: 2023-07-10T00:00:00
Link: CVE-2023-37759
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-09-08T03:15:08.727
Modified: 2023-09-12T00:10:11.453
Link: CVE-2023-37759
JSON object: View
Redhat Information
No data.
CWE