Lucene search
+L

CVE-2018-12739

🗓️ 05 Jul 2018 20:00:00Reported by mitreType 
cve
 cve
🔗 web.nvd.nist.gov👁 57 Views🌐 WEB

BEESCMS 4.0, CSRF allows admin addition, related to CVE-2018-10266

Related
Detection
Refs
Paths
ReporterTitlePublishedViews
Family
zdt
BEESCMS 4.0 - Cross-Site Request Forgery (Add Admin) Vulnerability
28 Jun 201800:00
zdt
attackerkb
CVE-2018-12739
5 Jul 201820:29
attackerkb
cnvd
BEESCMS 4.0 Cross-Site Request Forgery Vulnerability
3 Jul 201800:00
cnvd
cvelist
CVE-2018-12739
5 Jul 201820:00
cvelist
exploitdb
BEESCMS 4.0 - Cross-Site Request Forgery (Add Admin)
28 Jun 201800:00
exploitdb
euvd
EUVD-2018-4692
7 Oct 202500:30
euvd
exploitpack
BEESCMS 4.0 - Cross-Site Request Forgery (Add Admin)
28 Jun 201800:00
exploitpack
nvd
CVE-2018-12739
5 Jul 201820:29
nvd
osv
CVE-2018-12739
5 Jul 201820:29
osv
packetstorm
BEESCMS 4.0 Cross Site Request Forgery
28 Jun 201800:00
packetstorm
Rows per page
NVD
Node
ParameterPositionPathDescriptionCWE
admin_namerequest body/beescms/admin/admin_admin.php?nav=list_admin_user&admin_p_nav=userCSRF vulnerability allowing an attacker to add administrators in BEESCMS 4.0 (CSRF enables arbitrary admin creation).CWE-352
admin_passwordrequest body/beescms/admin/admin_admin.php?nav=list_admin_user&admin_p_nav=userCSRF vulnerability allowing an attacker to add administrators in BEESCMS 4.0 (CSRF enables arbitrary admin creation).CWE-352
admin_password2request body/beescms/admin/admin_admin.php?nav=list_admin_user&admin_p_nav=userCSRF vulnerability allowing an attacker to add administrators in BEESCMS 4.0 (CSRF enables arbitrary admin creation).CWE-352
admin_nichrequest body/beescms/admin/admin_admin.php?nav=list_admin_user&admin_p_nav=userCSRF vulnerability allowing an attacker to add administrators in BEESCMS 4.0 (CSRF enables arbitrary admin creation).CWE-352
purviewrequest body/beescms/admin/admin_admin.php?nav=list_admin_user&admin_p_nav=userCSRF vulnerability allowing an attacker to add administrators in BEESCMS 4.0 (CSRF enables arbitrary admin creation).CWE-352
admin_adminrequest body/beescms/admin/admin_admin.php?nav=list_admin_user&admin_p_nav=userCSRF vulnerability allowing an attacker to add administrators in BEESCMS 4.0 (CSRF enables arbitrary admin creation).CWE-352
admin_mailrequest body/beescms/admin/admin_admin.php?nav=list_admin_user&admin_p_nav=userCSRF vulnerability allowing an attacker to add administrators in BEESCMS 4.0 (CSRF enables arbitrary admin creation).CWE-352
admin_telrequest body/beescms/admin/admin_admin.php?nav=list_admin_user&admin_p_nav=userCSRF vulnerability allowing an attacker to add administrators in BEESCMS 4.0 (CSRF enables arbitrary admin creation).CWE-352
is_disablerequest body/beescms/admin/admin_admin.php?nav=list_admin_user&admin_p_nav=userCSRF vulnerability allowing an attacker to add administrators in BEESCMS 4.0 (CSRF enables arbitrary admin creation).CWE-352
actionrequest body/beescms/admin/admin_admin.php?nav=list_admin_user&admin_p_nav=userCSRF vulnerability allowing an attacker to add administrators in BEESCMS 4.0 (CSRF enables arbitrary admin creation).CWE-352
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

17 Jun 2026 01:38Current
8.5High risk
Vulners AI Score8.5
CVSS 26.8
CVSS 38.8
EPSS0.02385
57