CVE-2017-20079

MEDIUM

Hindu Matrimonial Script - Privilege Escalation

Title source: llm

Description

A vulnerability classified as critical was found in Hindu Matrimonial Script. Affected by this vulnerability is an unknown functionality of the file /admin/photo.php. The manipulation leads to improper privilege management. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Exploits (1)

exploitdb WORKING POC

by Ihsan Sencan · textwebappsphp

https://www.exploit-db.com/exploits/41044

View Code ZIP pw:eip

References (2)

Core 2

Core References

Exploit, Third Party Advisory, VDB Entry x_refsource_misc

https://www.exploit-db.com/exploits/41044/

Permissions Required, Third Party Advisory, VDB Entry x_refsource_misc

https://vuldb.com/?id.95419

Scores

CVSS v3 6.3

EPSS 0.0029

EPSS Percentile 51.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-269

Status published

Products (1)

hindu_matrimonial_script_project/hindu_matrimonial_script

Published Jun 21, 2022

Tracked Since Feb 18, 2026