CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

OSV•added 2023/12/05 3:30 p.m.•2 views

GHSA-MWVQ-GC5W-M78F Cross-Site Request Forgery in JFinalCMS via /admin/category/delete

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/category/delete...

8.8CVSS5.9AI score0.00268EPSS

Exploits1References2

NVD•added 2023/12/05 3:15 p.m.•14 views

CVE-2023-49398

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/category/delete...

8.8CVSS0.00268EPSS

Exploits1References1

ATTACKERKB•added 2023/12/05 3:15 p.m.•1 views

CVE-2023-49398

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/category/delete...

8.8CVSS5.8AI score0.00268EPSS

Exploits1References2

Positive Technologies•added 2023/12/05 12:0 a.m.•3 views

PT-2023-31204 · Jfinalcms · Jfinalcms

Name of the Vulnerable Software and Affected Versions: JFinalCMS version 5.0.0 Description: A Cross-Site Request Forgery CSRF issue was discovered in JFinalCMS, which can be exploited via the /admin/category/delete API endpoint. This allows an attacker to perform unauthorized actions on the...

8.8CVSS8.6AI score0.00268EPSS

Exploits1References6

CNNVD•added 2023/12/05 12:0 a.m.•1 views

JFinalCMS Security Vulnerability

JFinalCMS is a content management system developed by heyewei. A security vulnerability exists in JFinalCMS v5.0.0, which originates from a cross-site request forgery vulnerability in the /admin/category/delete component...

8.8CVSS8.4AI score0.00268EPSS

Exploits1References1

NVD•added 2023/11/13 4:15 p.m.•13 views

CVE-2023-48063

An issue was discovered in dreamercms 4.1.3. There is a CSRF vulnerability that can delete a theme project via /admin/category/delete...

4.3CVSS0.00051EPSS

Exploits1References1

ATTACKERKB•added 2023/11/13 4:15 p.m.•3 views

CVE-2023-48063

An issue was discovered in dreamercms 4.1.3. There is a CSRF vulnerability that can delete a theme project via /admin/category/delete...

4.3CVSS5.8AI score0.00051EPSS

Exploits1References2

CNNVD•added 2023/11/13 12:0 a.m.•2 views

Dreamer CMS Security Vulnerability

Dreamer CMS is a Dreamer Content Management System by Junnan Wang, an individual developer in China. A security vulnerability exists in Dreamer CMS version 4.1.3, which stems from a cross-site request forgery CSRF vulnerability. The vulnerability can be exploited by an attacker to delete a theme...

4.3CVSS6.8AI score0.00051EPSS

Exploits1References2

OSV•added 2018/08/20 1:29 a.m.•3 views

CVE-2018-15568

tp5cms through 2017-05-25 has CSRF via admin.php/category/delete.html...

8.8CVSS5.8AI score0.00168EPSS

Exploits0References1

CNVD•added 2018/08/20 12:0 a.m.•0 views

tp5cms Cross-Site Request Forgery Vulnerability

tp5cms is a content management system CMS framework written in the PHP language and based on technologies such as ThinkPHP, swiper and bootstrap. A cross-site request forgery vulnerability exists in tp5cms 2017-05-25 and earlier versions. A remote attacker can exploit this vulnerability to delete...

8.8CVSS8.8AI score0.00168EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by