High severity8.8NVD Advisory· Published Nov 7, 2019· Updated Jun 17, 2026
CVE-2019-17605
CVE-2019-17605
Description
A mass assignment vulnerability in eyecomms eyeCMS through 2019-10-15 allows any candidate to take over another candidate's account (by also exploiting CVE-2019-17604) via a modified candidate id and an additional password parameter. The outcome is that the password of this other candidate is changed.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- eyecomms/eyeCMSdescription
Patches
Vulnerability mechanics
References
2- gist.github.com/AhMyth/6d9c5e15d943dd092ccca19fca8d5d37nvdExploitThird Party Advisory
- www.eyecomms.com/Products/eyeCMS.htmlnvdProductVendor Advisory
News mentions
0No linked articles in our index yet.