CVE-2018-7219

2018-02-1914:29:00

Google

osv.dev

7.3 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

44.9%

JSON

application/admin/controller/Admin.php in NoneCms 1.3.0 has CSRF, as demonstrated by changing an admin password or adding an account via a public/index.php/admin/admin/edit.html request.

CPENameOperatorVersion
nonecmseq1.3.0
nonecmseq1.2.0
nonecmseq1.1.0

Name	Operator	Version
nonecms	eq	1.3.0
nonecms	eq	1.2.0
nonecms	eq	1.1.0

References

foreversong.cn/archives/1081