Vulnerabilities > CVE-2023-37759 - Unspecified vulnerability in Trendylogics Crypto Currency Tracker

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

trendylogics

critical

NVD

Published: 2023-09-08

Updated: 2023-09-12

Summary

Incorrect access control in the User Registration page of Crypto Currency Tracker (CCT) before v9.5 allows unauthenticated attackers to register as an Admin account via a crafted POST request.

Vulnerable Configurations

Part	Description	Count
Application	Trendylogics Trendylogics Crypto Currency Tracker 6.0 Trendylogics Crypto Currency Tracker 7.0 Trendylogics Crypto Currency Tracker 8 Trendylogics Crypto Currency Tracker 9 Trendylogics Crypto Currency Tracker 9.1 Trendylogics Crypto Currency Tracker 9.2 Trendylogics Crypto Currency Tracker 9.3 Trendylogics Crypto Currency Tracker 9.4 Trendylogics Crypto Currency Tracker 9.5	9

References

https://packetstormsecurity.com/files/174240/Crypto-Currency-Tracker-CCT-9.5-Add-Administrator.html
https://tregix.com/
https://codecanyon.net/item/crypto-currency-tracker-prices-charts-news-icos-info-and-more/21588008