Lucene search
GoogleOSV:CVE-2020-10057HistoryMar 04, 2020 - 7:15 p.m.
CVE-2020-10057
2020-03-0419:15:12
Google
osv.dev
2
GeniXCMS 1.1.7 is vulnerable to user privilege escalation due to broken access control. This issue exists because of an incomplete fix for CVE-2015-2680, in which “token” is used as a CSRF protection mechanism, but without validation that “token” is associated with an administrative user.
Related
prion
prion
Improper access control
2020-03-04 19:15:00
Cross site request forgery (csrf)
2015-03-23 16:59:00
cve
cve
CVE-2020-10057
2020-03-04 19:15:12
CVE-2015-2680
2015-03-23 16:59:08
veracode
veracode
Cross-Site Request Forgery (CSRF)
2020-03-05 06:52:13
cvelist
cvelist
CVE-2020-10057
2020-03-04 18:03:36
CVE-2015-2680
2015-03-23 16:00:00
nvd
nvd
CVE-2020-10057
2020-03-04 19:15:12
CVE-2015-2680
2015-03-23 16:59:08
zeroscience
zeroscience
GeniXCMS v0.0.1 CSRF Add Admin Exploit
2015-03-10 00:00:00