Vulnerabilities > CVE-2020-19888 - Incorrect Authorization vulnerability in Dbhcms Project Dbhcms 1.2.0

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

dbhcms-project

CWE-863

NVD

Published: 2020-08-24

Updated: 2021-07-21

Summary

DBHcms v1.2.0 has an unauthorized operation vulnerability because there's no access control at line 175 of dbhcms\page.php for empty cache operation. This vulnerability can be exploited to empty a table.

Vulnerable Configurations

Part	Description	Count
Application	Dbhcms_Project Dbhcms Project Dbhcms 1.2.0	1

Common Weakness Enumeration (CWE)

CWE-863 - Incorrect Authorization

References

https://github.com/fragrant10/cve/tree/master/dbhcms1.2.0#13