CVE-2020-18741

Improper Authorization in ThinkSAAS v2.7 allows remote attackers to modify the description of any user's photo via the "photoid%5B%5D" and "photodesc%5B%5D" parameters in the component "index.php?app=photo."
References
Link Resource
https://github.com/thinksaas/ThinkSAAS/issues/19 Exploit Issue Tracking
Configurations

Configuration 1

cpe:2.3:a:thinksaas:thinksaas:2.7:*:*:*:*:*:*:*

Information

Published : 2021-07-08 05:15

Updated : 2022-07-12 05:42


NVD link : CVE-2020-18741

Mitre link : CVE-2020-18741

Products Affected
No products.