Incorrect access control in the User Registration page of Crypto Currency Tracker (CCT) before v9.5 allows unauthenticated attackers to register as an Admin account via a crafted POST request.
References
| Link | Resource |
|---|---|
| https://codecanyon.net/item/crypto-currency-tracker-prices-charts-news-icos-info-and-more/21588008 | Product |
| https://packetstormsecurity.com/files/174240/Crypto-Currency-Tracker-CCT-9.5-Add-Administrator.html | Exploit Third Party Advisory VDB Entry |
| https://tregix.com/ | Not Applicable |
Configurations
History
12 Sep 2023, 00:10
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Trendylogics
Trendylogics crypto Currency Tracker |
|
| CWE | NVD-CWE-Other | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
| CPE | cpe:2.3:a:trendylogics:crypto_currency_tracker:*:*:*:*:*:*:*:* | |
| References | (MISC) https://codecanyon.net/item/crypto-currency-tracker-prices-charts-news-icos-info-and-more/21588008 - Product | |
| References | (MISC) https://packetstormsecurity.com/files/174240/Crypto-Currency-Tracker-CCT-9.5-Add-Administrator.html - Exploit, Third Party Advisory, VDB Entry | |
| References | (MISC) https://tregix.com/ - Not Applicable |
08 Sep 2023, 03:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-09-08 03:15
Updated : 2023-12-10 15:14
NVD link : CVE-2023-37759
Mitre link : CVE-2023-37759
CVE.ORG link : CVE-2023-37759
JSON object : View
Products Affected
trendylogics
- crypto_currency_tracker
CWE