CVE-2020-36065

Cross Site Request Forgery CSRF vulnerability in FlyCms 1.0 allows attackers to add arbitrary administrator accounts via system/admin/adminsave...

CVE-2020-20945

A Cross-Site Request Forgery CSRF in /admin/index.php?lfj=member=editmember of Qibosoft v7 allows attackers to arbitrarily add administrator accounts...

CVE-2023-37650

A Cross-Site Request Forgery CSRF in the Admin portal of Cockpit CMS v2.5.2 allows attackers to execute arbitrary Administrator commands...

CVE-2023-37650

A Cross-Site Request Forgery CSRF in the Admin portal of Cockpit CMS v2.5.2 allows attackers to execute arbitrary Administrator commands...

CVE-2020-36065

Cross Site Request Forgery CSRF vulnerability in FlyCms 1.0 allows attackers to add arbitrary administrator accounts via system/admin/adminsave...

CVE-2022-46491

A Cross-Site Request Forgery CSRF vulnerability in the Add Administrator function of the default version of nbnbk allows attackers to arbitrarily add Administrator accounts...

zbzcms 安全漏洞

zbzcms Station Helper CMS is a content management website from China Station Helper CMS zbzcms. zbzcms version 1.0 is vulnerable to an access control error, which can be exploited by attackers to arbitrarily add administrator accounts...

Subrion CMS Cross-site Request Forgery Vulnerability (CNVD-2022-20162)

Subrion CMS is a PHP-based content management system CMS from the Subrion team. The system can be integrated into websites and supports multiple extension plugins, etc. A security vulnerability exists in Subrion CMS 4.2.1, which allows a remote, unauthenticated, malicious user to send authorizati...

GHSA-9CC3-5W85-PXVX Cross Site Request Forgery in intelliants/subrion

Cross Site Request Forgery CSRF vulnerability exists in Intelliants Subrion CMS v4.2.1 via the Members administrator function, which could let a remote unauthenticated malicious user send an authorised request to victim and successfully create an arbitrary administrator user...

Cross Site Request Forgery in intelliants/subrion

Cross Site Request Forgery CSRF vulnerability exists in Intelliants Subrion CMS v4.2.1 via the Members administrator function, which could let a remote unauthenticated malicious user send an authorised request to victim and successfully create an arbitrary administrator user...

CVE-2020-18326

Cross Site Request Forgery CSRF vulnerability exists in Intelliants Subrion CMS v4.2.1 via the Members administrator function, which could let a remote unauthenticated malicious user send an authorised request to victim and successfully create an arbitrary administrator user...

Cross site request forgery (csrf)

Cross Site Request Forgery CSRF vulnerability exists in Intelliants Subrion CMS v4.2.1 via the Members administrator function, which could let a remote unauthenticated malicious user send an authorised request to victim and successfully create an arbitrary administrator user...

CVE-2020-21658

A Cross-Site Request Forgery CSRF in WDJA CMS v1.5.2 allows attackers to arbitrarily add administrator accounts via a crafted URL...

CVE-2020-10181

goform/formEMR30 in Sumavision Enhanced Multimedia Router EMR 3.0.4.27 allows creation of arbitrary users with elevated privileges administrator on a device, as demonstrated by a setString=newuseradministrator123456 request...

WordPress Popup Builder Plugin 2.2.8 < 3.0 SQL Injection Vulnerability

The WordPress plugin Copyright C 2020 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the...

Logic Flaw Vulnerability in Maipu MPSec VPN Series Security Gateway

Mapletree Technology Co., Ltd. is a mainstream network and industry application solution provider in China. A logic flaw vulnerability exists in the Maipu MPSec VPN series security gateway. An attacker can exploit this vulnerability to achieve arbitrary administrator login...

CVE-2018-12739

In BEESCMS 4.0, CSRF allows administrators to be added arbitrarily, a related issue to CVE-2018-10266...

BEESCMS 4.0 - Cross-Site Request Forgery (Add Admin)

Exploit Title: A CSRF vulnerability exists in BEESCMSV4.0: The administrator can be added arbitrarily. Date: 2018-06-25 Exploit Author: bay0net Vendor Homepage: https://www.cnblogs.com/v1vvwv/p/9226389.html Software Link: http://www.beescms.com/ Version: BEESCMS - V4.0 CVE : CVE-2018-12739 A CSRF...

SDCMS V1.1 Arbitrary Administrator Addition Vulnerability in Frontend

SDCMS is a PHP 3-in-1 website management system independently developed by Fireworks Network. SDCMS V1.1 foreground exists arbitrary administrator to add a vulnerability, an attacker can use the vulnerability in the foreground to arbitrarily add an administrator account...

Caregiver Script 2.57 SQL Injection

Exploit Title: Caregiver Script v2.57 a SQL Injection Date: 30.01.2017 Vendor Homepage: http://itechscripts.com/ Software Link: http://itechscripts.com/caregiver-script/ Exploit Author: Kaan KAMIS Contact: iletisimatk2andotcom Website: http://k2an.com Category: Web Application Exploits Overview...