5 matches found
EUVD-2018-4692
Malware in sbrugna...
CVE-2018-12739
In BEESCMS 4.0, CSRF allows administrators to be added arbitrarily, a related issue to CVE-2018-10266...
Cross site request forgery (csrf)
In BEESCMS 4.0, CSRF allows administrators to be added arbitrarily, a related issue to CVE-2018-10266...
CVE-2018-12739
BEESCMS 4.0 contains a Cross-Site Request Forgery (CSRF) vulnerability that allows an attacker to arbitrarily add administrator accounts. The issue is documented as CVE-2018-12739, linked to earlier CVE-2018-10266. Public references include exploit listings and demonstrations of the CSRF payload ...
CVE-2018-10266
BEESCMS 4.0 is affected by a CSRF flaw that allows an attacker to add an administrator account via the admin/admin_admin.php?nav=list_admin_user&admin_p_nav=user URI. The root cause is cross-site request forgery, enabling privilege elevation by creating a new admin account without authentication....