Predictable Registration URL in PHP Multivendor Ecommerce Allows Remote Attackers to Register with Invalid or Spoofed Email Addresses

Predictable Registration URL in PHP Multivendor Ecommerce Allows Remote Attackers to Register with Invalid or Spoofed Email Addresses

CVE-2017-17952 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

PHP Scripts Mall PHP Multivendor Ecommerce has a predicable registration URL, which makes it easier for remote attackers to register with an invalid or spoofed e-mail address.

Learn more about our Web Application Penetration Testing UK.