Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2018-8972
HistoryMar 24, 2018 - 10:00 p.m.

CVE-2018-8972

2018-03-2422:00:00
mitre
www.cve.org
5
cve-2018-8972
creditwest bank
csrf
php code injection

AI Score

8.8

Confidence

High

EPSS

0.002

Percentile

58.2%

JSON

Creditwest Bank CMS Project (aka CWCMS) through 2017-07-28 has CSRF in the functionality for updating the site configuration, which allows remote attackers to inject arbitrary PHP code, as demonstrated by a PHP shell that calls eval on request parameters.

Related

cve 1
prion 1
nvd 1
cve
cve
CVE-2018-8972
2018-03-24 22:29:00
prion
prion
Cross site request forgery (csrf)
2018-03-24 22:29:00
nvd
nvd
CVE-2018-8972
2018-03-24 22:29:00

AI Score

8.8

Confidence

High

EPSS

0.002

Percentile

58.2%

JSON
Related for CVELIST:CVE-2018-8972
cve1prion1nvd1