Vulnerability Details CVE-2017-8382
admidio 3.2.8 has CSRF in adm_program/modules/members/members_function.php with an impact of deleting arbitrary user accounts.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 69.8%
CVSS Severity
CVSS v3 Score 4.5
CVSS v2 Score 3.5
References
- http://en.0day.today/exploit/27771
- https://github.com/Admidio/admidio/issues/612
- https://github.com/faizzaidi/Admidio-3.2.8-CSRF-POC-by-Provensec-llc
- https://www.exploit-db.com/exploits/42005/
- http://en.0day.today/exploit/27771
- https://github.com/Admidio/admidio/issues/612
- https://github.com/faizzaidi/Admidio-3.2.8-CSRF-POC-by-Provensec-llc
- https://www.exploit-db.com/exploits/42005/