CVE-2017-20078

MEDIUM

Hindu Matrimonial Script - Privilege Escalation

Title source: llm

Description

A vulnerability classified as critical has been found in Hindu Matrimonial Script. Affected is an unknown function of the file /admin/featured.php. The manipulation leads to improper privilege management. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Exploits (1)

exploitdb WORKING POC

by Ihsan Sencan · textwebappsphp

https://www.exploit-db.com/exploits/41044

View Code ZIP pw:eip

References (2)

Core 2

Core References

Exploit, Third Party Advisory, VDB Entry x_refsource_misc

https://www.exploit-db.com/exploits/41044/

Permissions Required, Third Party Advisory, VDB Entry x_refsource_misc

https://vuldb.com/?id.95418

Scores

CVSS v3 6.3

EPSS 0.0029

EPSS Percentile 51.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-269

Status published

Products (1)

hindu_matrimonial_script_project/hindu_matrimonial_script

Published Jun 21, 2022

Tracked Since Feb 18, 2026