bypass old password with array in /admin/account-user-email.php

Disclosed: 2020-03-12 12:54:49 By hoangn14 To revive_adserver

Low

Vulnerability Details

### Short Description - attacker maybe change email or password without enter old password with array param. - version:revive-adserver-5.0.4 - os :window ### POC {F712486} ## Impact attacker maybe change email or password without enter old password

Actions

View on HackerOne

Report Stats

Report ID: 792895
State: Closed
Substate: resolved
Upvotes: 20

bypass old password with array in /admin/account-user-email.php

Vulnerability Details

Actions

Report Stats

Share this report