24 matches found
EUVD-2018-13154
Malware in sbrugna...
EUVD-2018-13155
Malware in sbrugna...
EUVD-2018-4562
Malware in sbrugna...
EUVD-2018-4561
Malware in sbrugna...
SQL Injection Vulnerability in LFCMS Backend
LFCMS is a film and television content management system developed in PHP and based on THINKPHP framework suitable for all kinds of video, film and television websites. LFCMS backend has SQL injection vulnerability. Attackers can use the vulnerability to obtain sensitive database information...
CVE-2018-20603
The CVE-2018-20603 entry concerns Lei Feng TV CMS (aka LFCMS) version 3.8.6, which is vulnerable to CSRF on the admin page admin.php?s=/Member/add.html. The root cause, as stated across connected records, is a cross-site request forgery vulnerability in the LFCMS 3.8.6 administrative interface, e...
LFCMS Cross-Site Request Forgery Vulnerability (CNVD-2018-14218)
LFCMS is a video-on-demand system based on ThinkPHP and MySQL. A cross-site request forgery vulnerability exists in LFCMS version 3.7.0. A remote attacker can exploit this vulnerability to arbitrarily add users...
LFCMS Cross-Site Request Forgery Vulnerability
LFCMS is a PHP based on THINKPHP3.2.3 framework development, suitable for all kinds of video, film and television websites, film and television content management program. LFCMS 3.7.0 admin.php cross-site request forgery vulnerability exists. Remote attackers can use this vulnerability to hijack...
CVE-2018-12603
Cross-site request forgery CSRF vulnerability in admin.php in LFCMS 3.7.0 allows remote attackers to hijack the authentication of unspecified users for requests that add administrator users via the s parameter, a related issue to CVE-2018-12114...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in admin.php in LFCMS 3.7.0 allows remote attackers to hijack the authentication of unspecified users for requests that add administrator users via the s parameter, a related issue to CVE-2018-12114...
CVE-2018-12603
Cross-site request forgery CSRF vulnerability in admin.php in LFCMS 3.7.0 allows remote attackers to hijack the authentication of unspecified users for requests that add administrator users via the s parameter, a related issue to CVE-2018-12114...
CVE-2018-12603
CVE-2018-12603 affects LFCMS 3.7.0: a Cross-Site Request Forgery in admin.php via the s parameter allows remote attackers to hijack user authentication and add an administrator account. The issue enables adding admin accounts without user consent, as described in CVE-2018-12114 related disclosure...
CVE-2018-12603
Cross-site request forgery CSRF vulnerability in admin.php in LFCMS 3.7.0 allows remote attackers to hijack the authentication of unspecified users for requests that add administrator users via the s parameter, a related issue to CVE-2018-12114...
CVE-2018-12602
A CSRF vulnerability exists in LFCMS 3.7.0: users can be added arbitrarily...
Cross site request forgery (csrf)
A CSRF vulnerability exists in LFCMS 3.7.0: users can be added arbitrarily...
CVE-2018-12602
A CSRF vulnerability exists in LFCMS 3.7.0: users can be added arbitrarily...
CVE-2018-12602
A CSRF vulnerability exists in LFCMS 3.7.0: users can be added arbitrarily...
CVE-2018-12602
CVE-2018-12602 concerns LFCMS 3.7.0, where a Cross-Site Request Forgery flaw allows arbitrary user addition. The CNVD entry (CNVD-2018-14218) confirms a CSRF vulnerability in LFCMS 3.7.0 and describes the impact as enabling remote attackers to add users. Related sources (NVD/NIST, CVE records) de...
LFCMS 3.7.0 - Cross-Site Request Forgery (Add Admin)
LFCMS 3.7.0 - Cross-Site Request Forgery Add Admin Exploit Title: A CSRF vulnerability exists in LFCMS3.7.0: administrator account can be added arbitrarily. Date: 2018-06-20 Exploit Author: bay0net Vendor Homepage: https://www.cnblogs.com/v1vvwv/p/9203899.html Software Link:...
LFCMS 3.7.0 - Cross-Site Request Forgery (Add User) Vulnerability
Exploit for php platform in category web applications Exploit Title: A CSRF vulnerability exists in LFCMS3.7.0: users can be added arbitrarily. Exploit Author: bay0net Vendor Homepage: https://www.cnblogs.com/v1vvwv/p/9203740.html Software Link: http://www.lfdycms.com/home/down/index/id/26.html...