Lucene search
K

4 matches found

0day.today
0day.today
added 2018/12/24 12:0 a.m.79 views

WSTMart 2.0.8 - Cross-Site Request Forgery (Add Admin) Vulnerability

Exploit for php platform in category web applications Exploit Title: WSTMart 2.0.8 - Cross-Site Request Forgery Add Admin Exploit Author: linfeng Vendor Homepage:https://github.com/wstmall/wstmart/ Software Link:http://www.wstmart.net/ Version: WSTMart 2.0.8181212 CVE :CVE-2018-19138 0x02 CSRF Po...

6.8CVSS0.3AI score0.02248EPSS
Exploits5
exploitpack
exploitpack
added 2018/12/24 12:0 a.m.26 views

WSTMart 2.0.8 - Cross-Site Request Forgery (Add Admin)

WSTMart 2.0.8 - Cross-Site Request Forgery Add Admin Exploit Title: WSTMart 2.0.8 - Cross-Site Request Forgery Add Admin Date: 2018-12-23 Exploit Author: linfeng Vendor Homepage:https://github.com/wstmall/wstmart/ Software Link:http://www.wstmart.net/ Version: WSTMart 2.0.8181212 CVE...

6.8CVSS0.6AI score0.02248EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/12/24 12:0 a.m.37 views

WSTMart 2.0.8 - Cross-Site Request Forgery (Add Admin)

Exploit Title: WSTMart 2.0.8 - Cross-Site Request Forgery Add Admin Date: 2018-12-23 Exploit Author: linfeng Vendor Homepage:https://github.com/wstmall/wstmart/ Software Link:http://www.wstmart.net/ Version: WSTMart 2.0.8181212 CVE :CVE-2018-19138 0x02 CSRF PoC 18/5000 Function point: background...

8.8CVSS8.8AI score0.02248EPSS
Exploits5
CVE
CVE
added 2018/11/09 9:0 p.m.54 views

CVE-2018-19138

CVE-2018-19138 affects WSTMart versions around 2.0.7/2.0.8. The vulnerability is a Cross‑Site Request Forgery (CSRF) via the URI index.php/admin/staffs/add.html, which can allow an attacker to force actions in the background (e.g., adding an admin) without user consent. Connected exploit referenc...

8.8CVSS8.7AI score0.02248EPSS
Exploits5References2Affected Software1
Rows per page
Query Builder