CVE-2020-35848
Description
Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php newpassword function.
NVD
Severity: CRITICAL
CVE ID: CVE-2020-35848
CVSS Score: 9.8
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Proof Of Concept
Nuclei Templates for CVE-2020-35848
Refrence: Project Discovery GitHub
Content on GitHub
w33vils | watchers:0
CVE-2020-35847_CVE-2020-35848
CVE-2020-35847, CVE-2020-35848 : Account Takeover
Refrence: GitHub