Description

qa-include/qa-install.php in Question2Answer before 1.7.5 allows remote attackers to create multiple user accounts.

Remediation

References

CVE-2017-12775

Related Vulnerabilities

XWiki Improper Handling of Insufficient Privileges Vulnerability (CVE-2024-21648)

Bootstrap Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20676)

WordPress Plugin Gravity Forms Advanced File Uploader Unspecified Vulnerability (1.18)

WordPress Plugin SB Welcome Email Editor Unspecified Vulnerability (4.1)

WordPress Plugin GigPress 'Notes' Field HTML Injection (2.1.10)

Severity

High

Classification

CVE-2017-12775 CWE-20 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities