6 matches found
CVE-2023-45907
Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/variable/delete...
CVE-2023-45907
Dreamer CMS v4.1.3 contains a Cross-Site Request Forgery (CSRF) in the /admin/variable/delete component. The vulnerability is recorded as CVE-2023-45907 with CVSS v3.1 base score 8.8 (HIGH); attack vector is NETWORK, no privileges required, user interaction required, and impact to confidentiality...
Dreamer CMS Cross-Site Request Forgery Vulnerability
Dreamer CMS is a dreamer content management system by Junnan Wang, an individual developer in China. A security vulnerability exists in Dreamer CMS version v4.1.3. An attacker can exploit this vulnerability to conduct cross-site request forgery CSRF attacks via the component /admin/variable/delet...
CVE-2023-45907
Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/variable/delete...
PT-2023-29761 · Unknown · Dreamer Cms
Name of the Vulnerable Software and Affected Versions: Dreamer CMS version 4.1.3 Description: A Cross-Site Request Forgery CSRF issue was discovered in Dreamer CMS via the component /admin/variable/delete. This allows for unauthorized actions to be performed on the application. Recommendations: F...
CVE-2023-45907
Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/variable/delete...