Lucene search
PRIOn knowledge basePRION:CVE-2018-8908HistoryMar 31, 2018 - 10:29 p.m.
Cross site request forgery (csrf)
2018-03-3122:29:00
PRIOn knowledge base
www.prio-n.com
6
An issue was discovered in /admin/?/user/add in Frog CMS 0.9.5. The application’s add user functionality suffers from CSRF. A malicious user can craft an HTML page and use it to trick a victim into clicking on it; once executed, a malicious user will be created with admin privileges. This happens due to lack of an anti-CSRF token in state modification requests.
Related
exploitpack
exploitpack
Frog CMS 0.9.5 - Cross-Site Request Forgery (Add User)
2018-04-02 00:00:00
cve
cve
CVE-2018-8908
2018-03-31 22:29:00
nvd
nvd
CVE-2018-8908
2018-03-31 22:29:00
packetstorm
packetstorm
Frog CMS 0.9.5 Cross Site Request Forgery
2018-03-31 00:00:00
cvelist
cvelist
CVE-2018-8908
2018-03-31 22:00:00
zdt
zdt
Frog CMS 0.9.5 - Cross-Site Request Forgery (Add User) Vulnerability
2018-04-02 00:00:00
exploitdb
exploitdb
Frog CMS 0.9.5 - Cross-Site Request Forgery (Add User)
2018-04-02 00:00:00