Lucene search
CVE-2018-15197
An issue in OneThink v1.1 allows CSRF vulnerability in admin.php?s=/AuthManager/addToGroup.html, granting administrator privileges
Show more
| Reporter | Title | Published | Views | Family All 4 |
|---|---|---|---|---|
 | CVE-2018-15197 | 8 Aug 201803:00 | – | cvelist |
 | CVE-2018-15197 | 8 Aug 201803:29 | – | osv |
 | Cross site request forgery (csrf) | 8 Aug 201803:29 | – | prion |
 | CVE-2018-15197 | 8 Aug 201803:29 | – | nvd |
| Source | Link |
|---|---|
| github | www.github.com/liu21st/onethink/issues/36 |
| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| s | query param | /admin.php?s=/AuthManager/addToGroup.html | CSRF vulnerability that can endow administrator privileges. | CWE-352 |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo08 Aug 2018 03:29Current
8.6High risk
Vulners AI Score8.6
CVSS26.8
CVSS38.8
EPSS0.00443