Lucene search
K

6 matches found

CNVD
CNVD
added 2019/01/17 12:0 a.m.6 views

EasyCMS Cross-Site Request Forgery Vulnerability (CNVD-2019-02517)

EasyCMS is a scalable lightweight open source content management system CMS written in PHP. EasyCMS 1.5 version of the cross-site request forgery vulnerability , remote attackers can use index.php?s=/admin/articlem/insert/navTabId/listarticle/callbackType/closeCurrent URI to exploit the...

8.8CVSS6.9AI score0.00523EPSS
Exploits1References1
CNVD
CNVD
added 2018/07/02 12:0 a.m.4 views

WSTMall Cross-Site Request Forgery Vulnerability

WSTMall is an open source O2O e-commerce system developed using ThinkPHP framework and supporting multiple users. A cross-site request forgery vulnerability exists in WSTMall version 1.9.1170316. A remote attacker can add user accounts with the help of index.php?m=Admin&c=Users&a=edit URI to...

8.8CVSS8.9AI score0.00517EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/06/14 5:0 p.m.38 views

CVE-2018-12114

Maccms 10 allows CSRF via admin.php/admin/admin/info.html to add user accounts...

8.7AI score0.02975EPSS
Exploits5References3
CNVD
CNVD
added 2018/04/10 12:0 a.m.5 views

WUZHI CMS Cross-Site Request Forgery Vulnerability (CNVD-2018-08333)

WUZHI CMS is China's five fingers WUZHI Internet technology company based on PHP and MySQL open source content management system CMS. A cross-site request forgery vulnerability exists in WUZHI CMS version 4.1.0. A remote attacker can exploit this vulnerability to add user accounts...

8.8CVSS6.9AI score0.00709EPSS
Exploits5References1
OSV
OSV
added 2011/07/29 8:55 p.m.5 views

DEBIAN-CVE-2011-2522

Multiple cross-site request forgery CSRF vulnerabilities in the Samba Web Administration Tool SWAT in Samba 3.x before 3.5.10 allow remote attackers to hijack the authentication of administrators for requests that 1 shut down daemons, 2 start daemons, 3 add shares, 4 remove shares, 5 add printers...

6.8CVSS7.2AI score0.10046EPSS
Exploits6References1
ATTACKERKB
ATTACKERKB
added 2011/07/27 2:55 a.m.5 views

CVE-2009-4139

A flaw was found in Spacewalk Java site packages. This cross-site request forgery CSRF vulnerability allows a remote attacker to hijack the authentication of arbitrary users. This can lead to unauthorized actions, including disabling user accounts, adding new user accounts, or escalating privileg...

6.8CVSS5.8AI score0.00821EPSS
Exploits0References5
Rows per page
Query Builder