Vulnerabilities

CVE-2025-47227

by Fred · 05/07/2025

In the Production Environment extension in Netmake ScriptCase through 9.12.006 (23), the Administrator password reset mechanism is mishandled. Making both a GET and a POST request to login.php.is sufficient. An unauthenticated attacker can then bypass authentication via administrator account takeover.

More information : https://github.com/synacktiv/CVE-2025-47227_CVE-2025-47228

Similar

Tags: Cybersecurity Alert