What the vulnerability does
01Description
Unauthenticated Broken Access Control in AWP Classifieds <= 4.4.4 versions.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
What the vulnerability does
Unauthenticated Broken Access Control in AWP Classifieds <= 4.4.4 versions.
Explanation of Vulnerability in Simple Terms
AWP Classifieds through version 4.4.4 lacks proper authorization checks, allowing unauthenticated attackers to disrupt the site's availability. An attacker can send network requests without authentication to trigger a denial-of-service condition. No user interaction or special privileges are required. Site administrators should update to a version newer than 4.4.4.
What an attacker can do
Make the site unavailable or unresponsive without needing to log in.
Potential impact on your site
Your classifieds site could go offline or become slow/unresponsive due to unauthenticated attacks.
Conditions required to exploit
Network access to the site; no authentication or user interaction required.
Key dates
External resources
Related vulnerabilities