CVE-2017-6513

Sažetak

The WHMCS Reseller Module V2 2.0.2 in Softaculous Virtualizor before 2.9.1.0 does not verify the user correctly, which allows remote authenticated users to control other virtual machines managed by Virtualizor by accessing a modified URL.

Reference

http://www.virtualizor.com/blog/?p=1551
https://gist.github.com/sedrubal/a83fa22f1091025a5c1a14aabd711ad7

CVSS

Base:	6.5
Impact:	6.4
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:S/C:P/I:P/A:P

Zadnje važnije ažuriranje

13-04-2017 - 01:59

Objavljeno

11-03-2017 - 06:59