Security Advisory

CVE-2020-37046

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-30 22:07:17

Last updated 2026-02-02 20:08:40

Assigner VulnCheck

State PUBLISHED

Description

Sistem Informasi Pengumuman Kelulusan Online 1.0 contains a cross-site request forgery vulnerability that allows attackers to add unauthorized admin users through the tambahuser.php endpoint. Attackers can craft a malicious HTML form to submit admin credentials and create new administrative accounts without the victims consent.

← Browse all CVEs View on cve.org ↗