Lucene search
MitreCVELIST:CVE-2018-8908HistoryMar 31, 2018 - 10:00 p.m.
CVE-2018-8908
2018-03-3122:00:00
mitre
www.cve.org
2
An issue was discovered in /admin/?/user/add in Frog CMS 0.9.5. The application’s add user functionality suffers from CSRF. A malicious user can craft an HTML page and use it to trick a victim into clicking on it; once executed, a malicious user will be created with admin privileges. This happens due to lack of an anti-CSRF token in state modification requests.
Related
exploitpack
exploitpack
Frog CMS 0.9.5 - Cross-Site Request Forgery (Add User)
2018-04-02 00:00:00
prion
prion
Cross site request forgery (csrf)
2018-03-31 22:29:00
nvd
nvd
CVE-2018-8908
2018-03-31 22:29:00
cve
cve
CVE-2018-8908
2018-03-31 22:29:00
packetstorm
packetstorm
Frog CMS 0.9.5 Cross Site Request Forgery
2018-03-31 00:00:00
zdt
zdt
Frog CMS 0.9.5 - Cross-Site Request Forgery (Add User) Vulnerability
2018-04-02 00:00:00
exploitdb
exploitdb
Frog CMS 0.9.5 - Cross-Site Request Forgery (Add User)
2018-04-02 00:00:00