Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cnvdChina National Vulnerability DatabaseCNVD-2023-70069
HistorySep 12, 2023 - 12:00 a.m.

iCMS Cross-Site Request Forgery Vulnerability (CNVD-2023-70069)

2023-09-1200:00:00
China National Vulnerability Database
www.cnvd.org.cn
4
icms
cross-site request forgery
version 7.0.16
php
mysql
vulnerability
attack.

EPSS

0.001

Percentile

27.3%

JSON

iCMS is a software application, an efficient and simple content management system built with PHP and MySQL. A cross-site request forgery vulnerability exists in iCMS version 7.0.16, which stems from the component do_save() not adequately verifying that a request comes from a trusted user. The vulnerability can be exploited by an attacker to forge a malicious request to trick a victim into clicking to perform a sensitive operation.

Related

cve 1
nvd 1
prion 1
cvelist 1
vulnrichment 1
cve
cve
CVE-2023-40953
2023-09-08 03:15:08
nvd
nvd
CVE-2023-40953
2023-09-08 03:15:08
prion
prion
Cross site request forgery (csrf)
2023-09-08 03:15:00
cvelist
cvelist
CVE-2023-40953
2023-09-08 00:00:00
vulnrichment
vulnrichment
CVE-2023-40953
2023-09-08 00:00:00

EPSS

0.001

Percentile

27.3%

JSON
Related for CNVD-2023-70069
cve1nvd1prion1cvelist1vulnrichment1