CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 4CVE-2020-8424 – Cups Easy 1.0 - Cross Site Request Forgery (Password Reset)
https://notcve.org/view.php?id=CVE-2020-8424
28 Jan 2020 — Cups Easy (Purchase & Inventory) 1.0 is vulnerable to CSRF that leads to admin account takeover via passwordmychange.php. Cups Easy (Purchase & Inventory) versión 1.0, es vulnerable a un ataque de tipo CSRF que conlleva a la toma de control de la cuenta de administrador por medio del archivo passwordmychange.php. Cups Easy version 1.0 suffers from a cross site request forgery vulnerability. • https://packetstorm.news/files/id/156140 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 4CVE-2020-8425 – Cups Easy 1.0 - Cross Site Request Forgery (Password Reset)
https://notcve.org/view.php?id=CVE-2020-8425
28 Jan 2020 — Cups Easy (Purchase & Inventory) 1.0 is vulnerable to CSRF that leads to admin account deletion via userdelete.php. Cups Easy (Purchase & Inventory) versión 1.0, es vulnerable a un ataque de tipo CSRF que conlleva a la eliminación de la cuenta de administrador por medio del archivo userdelete.php. Cups Easy version 1.0 suffers from a cross site request forgery vulnerability. • https://packetstorm.news/files/id/156140 • CWE-352: Cross-Site Request Forgery (CSRF) •