Lucene search
CVE-2018-19829
Artica Integria IMS 5.0.83 has CSRF in godmode/usuarios/lista_usuarios, resulting in the ability to delete an arbitrary user when the ID number is known
Show more
| Reporter | Title | Published | Views | Family All 7 |
|---|---|---|---|---|
 | Cross site request forgery (csrf) | 18 Dec 201822:29 | – | prion |
 | Integria IMS 5.0.83 - Cross-Site Request Forgery Vulnerability | 19 Dec 201800:00 | – | zdt |
 | CVE-2018-19829 | 18 Dec 201822:29 | – | nvd |
 | CVE-2018-19829 | 18 Dec 201822:00 | – | cvelist |
 | Integria IMS 5.0.83 Cross Site Request Forgery | 19 Dec 201800:00 | – | packetstorm |
 | Integria IMS 5.0.83 - Cross-Site Request Forgery | 19 Dec 201800:00 | – | exploitdb |
 | Integria IMS 5.0.83 - Cross-Site Request Forgery | 19 Dec 201800:00 | – | exploitpack |
Node
| Source | Link |
|---|---|
| exploit-db | www.exploit-db.com/exploits/46013/ |
| hackpuntes | www.hackpuntes.com/cve-2018-19829-integria-ims-5-0-83-cross-site-request-forgery/ |
| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| page | query param | /ajax.php | CSRF vulnerability allowing user deletion via GET request. | CWE-352 |
| delete_item | query param | /ajax.php | CSRF vulnerability allowing user deletion via GET request. | CWE-352 |
| name | query param | /ajax.php | CSRF vulnerability allowing user deletion via GET request. | CWE-352 |
| id | query param | /ajax.php | CSRF vulnerability allowing user deletion via GET request. | CWE-352 |
| sec | request body | /index.php | CSRF vulnerability allowing user deletion via POST request. | CWE-352 |
| sec2 | request body | /index.php | CSRF vulnerability allowing user deletion via POST request. | CWE-352 |
| borrar_usuario | request body | /index.php | CSRF vulnerability allowing user deletion via POST request. | CWE-352 |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo18 Dec 2018 22:29Current
6.4Medium risk
Vulners AI Score6.4
CVSS25.8
CVSS36.5
EPSS0.0021