Authentication Bypass Vulnerability in Paid To Read Script 2.0.5

Authentication Bypass Vulnerability in Paid To Read Script 2.0.5

CVE-2017-17777 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Paid To Read Script 2.0.5 has authentication bypass in the admin panel via a direct request, as demonstrated by the admin/viewvisitcamp.php fn parameter and the admin/userview.php uid parameter.

Learn more about our User Device Pen Test.