2 matches found
ClipperCMS 1.3.3 - Cross-Site Request Forgery (File Upload)
ClipperCMS 1.3.3 - Cross-Site Request Forgery File Upload Exploit Title: ClipperCMS 1.3.3 File Upload CSRF Vulnerability Date: 2018-11-11 Exploit Author: Ameer Pornillos Website: http://ethicalhackers.club Vendor Homepage: http://www.clippercms.com/ Software Link:...
CVE-2018-19135
Summary of CVE-2018-19135 (ClipperCMS 1.3.3): ClipperCMS 1.3.3 is vulnerable to a Cross-Site Request Forgery (CSRF) in the kcfinder file upload feature, which is enabled by default. The vulnerability allows an attacker to perform actions on behalf of an admin (or any user with file upload capabil...