CVE-2019-19550

HIGH

Senior Rubiweb <6.2.34.28,6.2.34.37 - Auth Bypass

Title source: llm

Description

Remote Authentication Bypass in Senior Rubiweb 6.2.34.28 and 6.2.34.37 allows admin access to sensitive information of affected users using vulnerable versions. The attacker only needs to provide the correct URL.

Exploits (2)

nomisec WORKING POC 2 stars

by underprotection · poc

https://github.com/underprotection/CVE-2019-19550

View Code ZIP pw:eip

nomisec WRITEUP

by redteambrasil · poc

https://github.com/redteambrasil/CVE-2019-19550

View Code ZIP pw:eip

References (1)

Core 1

Core References

Exploit, Third Party Advisory x_refsource_confirm

https://github.com/underprotection/CVE-2019-19550/

Scores

CVSS v3 7.5

EPSS 0.0054

EPSS Percentile 67.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-200

Status published

Products (2)

senior/rubiweb 6.2.34.28

senior/rubiweb 6.2.34.37

Published Jan 31, 2020

Tracked Since Feb 18, 2026