5 matches found
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in admin.php in LFCMS 3.7.0 allows remote attackers to hijack the authentication of unspecified users for requests that add administrator users via the s parameter, a related issue to CVE-2018-12114...
CVE-2018-12603
Cross-site request forgery CSRF vulnerability in admin.php in LFCMS 3.7.0 allows remote attackers to hijack the authentication of unspecified users for requests that add administrator users via the s parameter, a related issue to CVE-2018-12114...
CVE-2018-12114
CVE-2018-12114 affects MacCMS 10. A CSRF vulnerability allows an attacker to add administrator user accounts via the request targeting admin.php/admin/admin/info.html. The issue is demonstrated in public references and exploit entries, including an explicit POST form example used to create a new ...
MACCMS 10 - Cross-Site Request Forgery (Add User)
MACCMS 10 - Cross-Site Request Forgery Add User Exploit Title: MACCMSV10 CSRF vulnerability add admin account Date: 2018-06-11 Exploit Author: bay0net Vendor Homepage: https://www.cnblogs.com/v1vvwv/p/9168309.html Software Link: http://www.maccms.com/down.html Version: V10 CVE : CVE-2018-12114 I...
MACCMS 10 - Cross-Site Request Forgery (Add User)
Exploit Title: MACCMSV10 CSRF vulnerability add admin account Date: 2018-06-11 Exploit Author: bay0net Vendor Homepage: https://www.cnblogs.com/v1vvwv/p/9168309.html Software Link: http://www.maccms.com/down.html Version: V10 CVE : CVE-2018-12114 I found a CSRF vulnerability in maccmsv10,this...