CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

OSV•added 2024/08/20 3:15 p.m.•7 views

CVE-2024-42604

Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/admingroup.php?mode=delete&groupid=3...

8.8CVSS7.5AI score

Exploits0References1

NVD•added 2024/08/20 3:15 p.m.•10 views

CVE-2024-42604

Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/admingroup.php?mode=delete&groupid=3...

8.8CVSS0.00319EPSS

Exploits1References1

CVE•added 2024/08/20 12:0 a.m.•49 views

CVE-2024-42604

Pligg CMS v2.0.2 contains a CSRF vulnerability in the admin_group.php endpoint (mode=delete&group_id=3). The flaw arises from insufficient verification of the requesting user, allowing an attacker to forge state-changing requests. Several connected reports (including Red Hat, CNVD, CNVD CNVD, OSV...

8.8CVSS7.6AI score0.00319EPSS

Exploits1References1Affected Software1

Cvelist•added 2024/08/20 12:0 a.m.•12 views

CVE-2024-42604

Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/admingroup.php?mode=delete&groupid=3...

0.00319EPSS

Exploits1References1

seebug.org•added 2014/06/17 12:0 a.m.•197 views

Discuz CSRF删除群组分类

简要描述：详细说明： admingroup.php elseif$operation == 'deletetype' //没有验证fromhash导致可以csrf删除 $fid = $GET'fid'; $ajax = $GET'ajax'; $confirmed = $GET'confirmed'; $finished = $GET'finished'; $total = intval$GET'total'; $pp = intval$GET'pp'; $currow = intval$GET'currow'; if$ajax obendclean; requireonce...

7.1AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by