Hindu Matrimonial Script sql injection
CVE-2017-20067

7.3HIGH

Key Information:

Vendor: Unspecified
Status: Hindu Matrimonial Script
Vendor: CVE Published:; 21 June 2022

🔔 Create Unspecified Vulnerability Alert

Badges

👾 Exploit Exists

What is CVE-2017-20067?

A vulnerability was found in Hindu Matrimonial Script. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/. The manipulation of the argument username/password with the input 'or''=' leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Affected Version(s)

Hindu Matrimonial Script

References

https://www.exploit-db.com/exploits/41044/

x_refsource_MISC

https://vuldb.com/?id.95407

x_refsource_MISC

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Jun 21, 2022
👾
Exploit known to exist
Jun 21, 2022
Vulnerability published
Jun 21, 2022
Vulnerability Reserved
Jun 18, 2022

Credit

Ihsan Sencan