Summary: Vulnerability: Critical vulnerability in Hindu Matrimonial Script File: /admin/usermanagement.php Impact: Privileges management manipulation; attack can be remote CVE: CVE-2017-20068 Exploit: Available Details: Product: Hindu Matrimonial Script (unknown version) File Block: Unknown code block affected Issue: Improper assignment, modification, or checking of privileges Result: Adds unintended control spheres Impacted: Confidentiality, integrity, and availability Detection: CWE-269 Timeline and Solutions: Noted by: Ihsan Sencan on 01/13/2017 with EDB-ID 41044 Exploit Database: Not officially exploited (Exploit-DB) Vulnerability Tracking: CVE-2017-20068 Attack Technique: MITRE ATT&CK as T1068 Exploit Development: Proof-of-concept available at exploit-db.com Search Vulnerabilities: Use Google Hacking with inurl:/admin/usermanagement.php Recommendation: Replace affected system with a secure alternative