6 matches found
EasyCMS Cross-Site Request Forgery Vulnerability (CNVD-2019-02517)
EasyCMS is a scalable lightweight open source content management system CMS written in PHP. EasyCMS 1.5 version of the cross-site request forgery vulnerability , remote attackers can use index.php?s=/admin/articlem/insert/navTabId/listarticle/callbackType/closeCurrent URI to exploit the...
WSTMall Cross-Site Request Forgery Vulnerability
WSTMall is an open source O2O e-commerce system developed using ThinkPHP framework and supporting multiple users. A cross-site request forgery vulnerability exists in WSTMall version 1.9.1170316. A remote attacker can add user accounts with the help of index.php?m=Admin&c=Users&a=edit URI to...
CVE-2018-12114
Maccms 10 allows CSRF via admin.php/admin/admin/info.html to add user accounts...
WUZHI CMS Cross-Site Request Forgery Vulnerability (CNVD-2018-08333)
WUZHI CMS is China's five fingers WUZHI Internet technology company based on PHP and MySQL open source content management system CMS. A cross-site request forgery vulnerability exists in WUZHI CMS version 4.1.0. A remote attacker can exploit this vulnerability to add user accounts...
DEBIAN-CVE-2011-2522
Multiple cross-site request forgery CSRF vulnerabilities in the Samba Web Administration Tool SWAT in Samba 3.x before 3.5.10 allow remote attackers to hijack the authentication of administrators for requests that 1 shut down daemons, 2 start daemons, 3 add shares, 4 remove shares, 5 add printers...
CVE-2009-4139
A flaw was found in Spacewalk Java site packages. This cross-site request forgery CSRF vulnerability allows a remote attacker to hijack the authentication of arbitrary users. This can lead to unauthorized actions, including disabling user accounts, adding new user accounts, or escalating privileg...