Lucene search

Bolt Cross Site Request Forgery (CSRF)

🗓️ 13 May 2022 01:16:12Reported by GitHub Advisory DatabaseType

Bolt CMS 3.6.6 CSRF vulnerability in file upload featur

Reporter	Title	Published	Views	Family All 9
OSV	Bolt Cross Site Request Forgery (CSRF)	13 May 202201:12	–	osv
OSV	CVE-2019-10874	5 Apr 201905:29	–	osv
Cvelist	CVE-2019-10874	5 Apr 201904:42	–	cvelist
Packet Storm	Bolt CMS 3.6.6 Cross Site Request Forgery / Code Execution	8 Apr 201900:00	–	packetstorm
NVD	CVE-2019-10874	5 Apr 201905:29	–	nvd
CVE	CVE-2019-10874	5 Apr 201905:29	–	cve
0day.today	Bolt CMS 3.6.6 - Cross-Site Request Forgery / Remote Code Execution Exploit	9 Apr 201900:00	–	zdt
Veracode	Denial Of Service (DoS)	5 Apr 201919:08	–	veracode
Prion	Cross site request forgery (csrf)	5 Apr 201905:29	–	prion

Vulners

Node

bolt bolt_cmsMatch3.6.6

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2019-10874
github	www.github.com/bolt/bolt/pull/7768/commits/91187aef36363a870d60b0a3c1bf8507af34c9e4
packetstormsecurity	www.packetstormsecurity.com/files/152429/Bolt-CMS-3.6.6-Cross-Site-Request-Forgery-Code-Execution.html
fgsec	www.fgsec.net/from-csrf-to-rce-bolt-cms
exploit-db	www.exploit-db.com/exploits/46664
github	www.github.com/advisories/GHSA-3g6c-88pf-m46f

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

13 May 2022 01:12Current

7.9High risk

Vulners AI Score7.9

CVSS26.8

CVSS38.8

EPSS0.00553

CWE-352