CVE-2020-35273

HIGH

Egavilanmedia User Registration & Login System With Admin Panel - CSRF

Title source: rule

Description

EgavilanMedia User Registration & Login System with Admin Panel 1.0 is affected by Cross Site Request Forgery (CSRF) to remotely gain privileges in the User Profile panel. An attacker can update any user's account.

Exploits (1)

exploitdb WORKING POC

by Hardik Solanki · textwebappsmultiple

https://www.exploit-db.com/exploits/49151

View Code ZIP pw:eip

References (2)

[Vendor Advisory] http://egavilanmedia.com

[Exploit, Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/49151

Scores

CVSS v3 8.0

EPSS 0.0016

EPSS Percentile 36.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-352

Status published

Products (1)

egavilanmedia/user_registration_\&_login_system_with_admin_panel 1.0

Published Dec 21, 2020

Tracked Since Feb 18, 2026