4 matches found
Gleez CMS 1.2.0 - Cross-Site Request Forgery (Add Admin) Vulnerability
Exploit for php platform in category web applications Exploit Title: Gleez CMS 1.2.0 - Cross-Site Request Forgery Add Admin Exploit Author: GunEggWang Vendor Homepage: https://gleezcms.org/ Software Link: https://github.com/gleez/cms Version: 1.2.0 CVE : CVE-2018-15845 Description: There is a CSR...
Gleez CMS 1.2.0 Cross Site Request Forgery
Exploit Title: Gleez CMS 1.2.0 - Cross-Site Request Forgery Add Admin Date: 2018-08-24 Exploit Author: GunEggWang Vendor Homepage: https://gleezcms.org/ Software Link: https://github.com/gleez/cms Version: 1.2.0 CVE : CVE-2018-15845 Description: There is a CSRF vulnerability that can add an...
Gleez CMS 1.2.0 - Cross-Site Request Forgery (Add Admin)
Exploit Title: Gleez CMS 1.2.0 - Cross-Site Request Forgery Add Admin Date: 2018-08-24 Exploit Author: GunEggWang Vendor Homepage: https://gleezcms.org/ Software Link: https://github.com/gleez/cms Version: 1.2.0 CVE : CVE-2018-15845 Description: There is a CSRF vulnerability that can add an...
CVE-2018-15845
Summary: CVE-2018-15845 is a CSRF vulnerability in Gleez CMS 1.2.0 that allows an attacker to add an administrator account via the admin/users/add endpoint. The issue is documented across multiple feeds (CVE, OSV, CNVD, GitHub advisories, Exploit DB). The root cause is a cross-site request forger...