Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2024-46610
HistorySep 24, 2024 - 12:00 a.m.

CVE-2024-46610

2024-09-2400:00:00
mitre
www.cve.org
2
access control
user info
crafted request
icecms v3.4.7
changeuser function
usercontroller.java

EPSS

0.001

Percentile

18.5%

JSON

An access control issue in IceCMS v3.4.7 and before allows attackers to arbitrarily modify users’ information, including username and password, via a crafted POST request sent to the endpoint /User/ChangeUser/s in the ChangeUser function in UserController.java

Related

nvd 1
cve 1
nvd
nvd
CVE-2024-46610
2024-09-25 01:15:44
cve
cve
CVE-2024-46610
2024-09-25 01:15:44

EPSS

0.001

Percentile

18.5%

JSON
Related for CVELIST:CVE-2024-46610
nvd1cve1