23 matches found
CVE-2021-28055
An issue was discovered in Centreon-Web in Centreon Platform 20.10.0. The anti-CSRF token generation is predictable, which might allow CSRF attacks that add an admin user...
CVE-2019-11077
FastAdmin V1.0.0.20190111beta has a CSRF vulnerability to add a new admin user via the admin/auth/admin/add?dialog=1 URI...
CVE-2019-11374
74CMS v5.0.1 has a CSRF vulnerability to add a new admin user via the index.php?m=Admin=admin=add URI...
EUVD-2020-11175
Malware in sbrugna...
CVE-2019-10237
S-CMS PHP v1.0 has a CSRF vulnerability to add a new admin user via the 4.edu.php/admin/ajax.php?type=admin=add⟨=0 URI, a related issue to CVE-2019-9040...
CVE-2023-43149
SPA-Cart 1.9.0.3 is vulnerable to Cross Site Request Forgery CSRF that allows a remote attacker to add an admin user with role status...
CVE-2023-43149
CVE-2023-43149 affects SPA-Cart 1.9.0.3. The documents confirm a CSRF vulnerability enabling a remote attacker to add an admin user with role status. They do not provide concrete technical details (endpoints, payloads, root cause) or remediation within the supplied sources. No exploitation specif...
CVE-2022-34020
Cross Site Request Forgery CSRF vulnerability in ResIOT ResIOT IOT Platform + LoRaWAN Network Server through 4.1.1000114 allows attackers to add new admin users to the platform or other unspecified impacts...
CVE-2022-34020
Cross Site Request Forgery CSRF vulnerability in ResIOT ResIOT IOT Platform + LoRaWAN Network Server through 4.1.1000114 allows attackers to add new admin users to the platform or other unspecified impacts...
Cross site request forgery (csrf)
An issue was discovered in Centreon-Web in Centreon Platform 20.10.0. The anti-CSRF token generation is predictable, which might allow CSRF attacks that add an admin user...
Cross site request forgery (csrf)
FastAdmin V1.0.0.20190111beta has a CSRF vulnerability to add a new admin user via the admin/auth/admin/add?dialog=1 URI...
CVE-2019-11077
FastAdmin V1.0.0.20190111beta has a CSRF vulnerability to add a new admin user via the admin/auth/admin/add?dialog=1 URI...
CVE-2019-11078
MKCMS V5.0 has a CSRF vulnerability to add a new admin user via the ucenter/userinfo.php URI...
S-CMS Cross-Site Request Forgery Vulnerability (CNVD-2019-08730)
S-CMS is a content management system CMS based on PHP and MySQL. A cross-site request forgery vulnerability exists in S-CMS PHP v1.0, which can be exploited by remote attackers to add the admin user with the help of the 4.edu.php/admin/ajax.php?type=admin&action=add&lang=0 URI...
CVE-2019-10237
S-CMS PHP v1.0 has a CSRF vulnerability to add a new admin user via the 4.edu.php/admin/ajax.php?type=admin&action=add&lang=0 URI, a related issue to CVE-2019-9040...
Cross site request forgery (csrf)
PilusCart 1.4.1 is vulnerable to index.php?module=users&action=newUser CSRF, leading to the addition of a new user as administrator...
CVE-2019-9769
PilusCart 1.4.1 is vulnerable to index.php?module=users&action=newUser CSRF, leading to the addition of a new user as administrator...
CVE-2019-9769
PilusCart 1.4.1 is vulnerable to index.php?module=users&action=newUser CSRF, leading to the addition of a new user as administrator...
CVE-2019-9040
S-CMS PHP v3.0 has a CSRF vulnerability to add a new admin user via the admin/ajax.php?type=admin&action=add URI, a related issue to CVE-2018-19332...
CVE-2019-9040
S-CMS PHP v3.0 has a CSRF vulnerability to add a new admin user via the admin/ajax.php?type=admin&action=add URI, a related issue to CVE-2018-19332...