CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

22 matches found

OSV•added 2025/11/12 6:15 p.m.•2 views

CVE-2025-60645

A Cross-Site Request Forgery CSRF in xxl-api v1.3.0 allows attackers to arbitrarily add users to the management module via a crafted GET request...

6.5CVSS6.6AI score

Exploits0References2

Vulnrichment•added 2025/11/12 12:0 a.m.•2 views

CVE-2025-60645

A Cross-Site Request Forgery CSRF in xxl-api v1.3.0 allows attackers to arbitrarily add users to the management module via a crafted GET request...

6.3AI score0.00026EPSS

Exploits1References2

RedhatCVE•added 2025/05/22 4:28 p.m.•6 views

CVE-2020-19268

A cross-site request forgery CSRF in index.php/Dswjcms/User/tfAdd of Dswjcms 1.6.4 allows authenticated attackers to arbitrarily add administrator users...

5.7CVSS6.8AI score0.00172EPSS

Exploits1

RedhatCVE•added 2025/05/22 3:18 p.m.•4 views

CVE-2020-21358

A cross site request forgery CSRF in Wage-CMS 1.5.x-dev allows attackers to arbitrarily add users...

6.5CVSS6.7AI score0.00117EPSS

Exploits1

RedhatCVE•added 2025/05/22 3:17 p.m.•5 views

CVE-2020-19264

A cross-site request forgery CSRF in MipCMS v5.0.1 allows attackers to arbitrarily add users via index.php?s=/user/ApiAdminUser/itemAdd...

6.5CVSS7AI score0.00116EPSS

Exploits1

CNVD•added 2023/09/08 12:0 a.m.•24 views

Logic flaw vulnerability in LiveGBS of Anhui Green Persimmon Information Technology Co., Ltd (CNVD-2023-72138)

LiveGBS is a national standard GB28181 streaming media service software , can provide to provide user management and Web visualization page management , open source front-end page source code ; to provide device status management , you can real-time view of whether the device is offline and other...

6.9AI score

Exploits0

OSV•added 2021/09/09 6:15 p.m.•1 views

CVE-2020-19264

A cross-site request forgery CSRF in MipCMS v5.0.1 allows attackers to arbitrarily add users via index.php?s=/user/ApiAdminUser/itemAdd...

6.5CVSS5.7AI score

Exploits0References1

Prion•added 2021/08/06 11:15 p.m.•15 views

Cross site request forgery (csrf)

A cross site request forgery CSRF in Wage-CMS 1.5.x-dev allows attackers to arbitrarily add users...

4.3CVSS6.5AI score0.00117EPSS

Exploits1References1Affected Software1

CNNVD•added 2021/08/06 12:0 a.m.•3 views

Wage-CMS 跨站请求伪造漏洞

Wage-CMS is a payroll system based on laravel-admin for small and medium-sized businesses. wage-CMS version 1.5.-dev is vulnerable to cross-site request forgery. An attacker can use this vulnerability to add arbitrary users...

6.5CVSS5.6AI score0.00117EPSS

Exploits1References1

OSV•added 2018/06/25 3:29 p.m.•1 views

CVE-2018-12602

A CSRF vulnerability exists in LFCMS 3.7.0: users can be added arbitrarily...

8.8CVSS5.8AI score0.00262EPSS

Exploits5References4

Prion•added 2018/06/25 3:29 p.m.•14 views

Cross site request forgery (csrf)

A CSRF vulnerability exists in LFCMS 3.7.0: users can be added arbitrarily...

6.8CVSS8.6AI score0.00262EPSS

Exploits5References4Affected Software1

NVD•added 2018/06/25 3:29 p.m.•7 views

CVE-2018-12602

A CSRF vulnerability exists in LFCMS 3.7.0: users can be added arbitrarily...

8.8CVSS8.7AI score0.00262EPSS

Exploits5References4

Cvelist•added 2018/06/25 3:0 p.m.•20 views

CVE-2018-12602

A CSRF vulnerability exists in LFCMS 3.7.0: users can be added arbitrarily...

8.7AI score0.00262EPSS

Exploits5References4

Packet Storm•added 2018/06/21 12:0 a.m.•29 views

LFCMS 3.7.0 Cross Site Request Forgery

Exploit Title: A CSRF vulnerability exists in LFCMS3.7.0: users can be added arbitrarily. Date: 2018-06-20 Exploit Author: bay0net Vendor Homepage: https://www.cnblogs.com/v1vvwv/p/9203740.html Software Link: http://www.lfdycms.com/home/down/index/id/26.html Version: 3.7.0 CVE : CVE-2018-12602 A...

0.6AI score0.00262EPSS

Exploits5

Exploit DB•added 2018/06/21 12:0 a.m.•39 views

LFCMS 3.7.0 - Cross-Site Request Forgery (Add User)

8.8CVSS8.8AI score0.00262EPSS

Exploits5

CNVD•added 2018/06/15 12:0 a.m.•2 views

MACCMS 10 Cross-Site Request Forgery Vulnerability

MacCMS program is a fast shadow video building system that runs on PHP+MYSQL environment. MACCMS 10 has a cross-site request forgery vulnerability, which can be exploited by attackers to arbitrarily add to users...

8.8CVSS6.9AI score0.00319EPSS

Exploits5References1

exploitpack•added 2018/06/13 12:0 a.m.•21 views

MACCMS 10 - Cross-Site Request Forgery (Add User)

MACCMS 10 - Cross-Site Request Forgery Add User Exploit Title: MACCMSV10 CSRF vulnerability add admin account Date: 2018-06-11 Exploit Author: bay0net Vendor Homepage: https://www.cnblogs.com/v1vvwv/p/9168309.html Software Link: http://www.maccms.com/down.html Version: V10 CVE : CVE-2018-12114 I...

6.8CVSS0.5AI score0.00319EPSS

Exploits5

Exploit DB•added 2018/06/13 12:0 a.m.•40 views

MACCMS 10 - Cross-Site Request Forgery (Add User)

Exploit Title: MACCMSV10 CSRF vulnerability add admin account Date: 2018-06-11 Exploit Author: bay0net Vendor Homepage: https://www.cnblogs.com/v1vvwv/p/9168309.html Software Link: http://www.maccms.com/down.html Version: V10 CVE : CVE-2018-12114 I found a CSRF vulnerability in maccmsv10,this...

8.8CVSS8.8AI score0.00319EPSS

Exploits5

seebug.org•added 2014/07/01 12:0 a.m.•11 views

Pet Grooming Management System <= 2.0 Arbitrary Add-Admin Exploit

No description provided by source. !/usr/bin/perl use strict; use LWP::UserAgent; print -+- Pet Grooming Management System = 2.0 Arbitrary Add-Admin Exploit -+-\n; print -+- Discovered && Coded By: t0pP8uZz - Discovered On: 15 MAY 2008 -+-\n; print -+- Script Download:...

7.1AI score

Exploits0

0day.today•added 2014/02/26 12:0 a.m.•21 views

Piwigo 2.6.1 - CSRF Vulnerability

Exploit for php platform in category web applications Exploit Title: piwigo 2.6.1 - CSRF Date: 26/02/2014 Exploit Author: email protected Vendor Homepage: http://it.piwigo.org/ Software Link: http://it.piwigo.org/basics/downloads Version: 2.6.1 Tested on: Virtualbox debian A CSRF problem is prese...

7.1AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by