Extinction

1 exploit Active since Jan 2026
CVE-2020-37046 EXPLOITDB MEDIUM text WORKING POC
Sistem Informasi Pengumuman Kelulusan Online 1.0 - CSRF
Sistem Informasi Pengumuman Kelulusan Online 1.0 contains a cross-site request forgery vulnerability that allows attackers to add unauthorized admin users through the tambahuser.php endpoint. Attackers can craft a malicious HTML form to submit admin credentials and create new administrative accounts without the victim's consent.
CVSS 5.3