PuneethReddyHC Online Shopping System Advanced Admin Registration reg.php improper authentication
CVE-2023-3337

9.8CRITICAL

Key Information:

Vendor: PuneethReddyHC
Status: Online Shopping System Advanced
Vendor: CVE Published:; 20 June 2023

🔔 Create PuneethReddyHC Vulnerability Alert

What is CVE-2023-3337?

A vulnerability exists in the Admin Registration component of PuneethReddyHC's Online Shopping System Advanced version 1.0. This flaw allows for improper authentication via the /admin/reg.php file, potentially enabling remote attackers to exploit this weakness. The vulnerability can be triggered without prior authentication, posing significant risks to the system and its data integrity.

Affected Version(s)

Online Shopping System Advanced 1.0

References

https://vuldb.com/?id.232009

vdb-entrytechnical-description

https://vuldb.com/?ctiid.232009

signature

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 20, 2023
Vulnerability Reserved
Jun 20, 2023

Credit

kr1shna4garwal (VulDB User)

JSON