Vulnerabilities > CVE-2017-1002007 - Missing Authorization vulnerability in Dtracker Project Dtracker 1.5
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
HIGH Availability impact
NONE Summary
Vulnerability in wordpress plugin DTracker v1.5, The code dtracker/save_mail.php doesn't check that the user is authorized before injecting new contacts into the wp_contact table.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |