Lucene search
K

6 matches found

Cvelist
Cvelist
added 2018/01/24 10:0 a.m.13 views

CVE-2018-5969

Cross Site Request Forgery CSRF exists in Photography CMS 1.0 via clients/resources/ajax/ajaxnewadmin.php, as demonstrated by adding an admin account...

8.9AI score0.01412EPSS
Exploits4References1
CVE
CVE
added 2018/01/24 10:0 a.m.50 views

CVE-2018-5969

CVE-2018-5969 : Concrete details from connected docs show a CSRF vulnerability in Photography CMS 1.0. The flaw resides in the endpoint clients/resources/ajax/ajax_new_admin.php, enabling an attacker to perform actions (notably adding an admin account) without user consent. Multiple sources (NVD ...

8.8CVSS8.8AI score0.01412EPSS
Exploits4References1Affected Software1
Packet Storm
Packet Storm
added 2018/01/24 12:0 a.m.51 views

Photography CMS 1.0 Cross Site Request Forgery

New Admin Username: Password: Confirm Password: Email: $"ekleabi".live'click',function $.ajax type: "POST", url: "http://ronnieswietek.com/cc/clients/resources/ajax/ajaxnewadmin.php", data: username:$".efe username".val, password1:$".efe password1".val, password2:$".efe password2".val, email:$".e...

8.7AI score0.01412EPSS
Exploits4
0day.today
0day.today
added 2018/01/24 12:0 a.m.37 views

Photography CMS 1.0 - Cross-Site Request Forgery (Add Admin) Vulnerability

Exploit for php platform in category web applications New Admin Username: Password: Confirm Password: Email: $"ekleabi".live'click',function $.ajax type: "POST", url: "http://ronnieswietek.com/cc/clients/resources/ajax/ajaxnewadmin.php", data: username:$".efe username".val,...

6.8CVSS8.7AI score0.01412EPSS
Exploits4
exploitpack
exploitpack
added 2018/01/23 12:0 a.m.18 views

Photography CMS 1.0 - Cross-Site Request Forgery (Add Admin)

Photography CMS 1.0 - Cross-Site Request Forgery Add Admin New Admin Username: Password: Confirm Password: Email: $"ekleabi".live'click',function $.ajax type: "POST", url: "http://ronnieswietek.com/cc/clients/resources/ajax/ajaxnewadmin.php", data: username:$".efe username".val, password1:$".efe...

6.8CVSS0.9AI score0.01412EPSS
Exploits4
Exploit DB
Exploit DB
added 2018/01/23 12:0 a.m.34 views

Photography CMS 1.0 - Cross-Site Request Forgery (Add Admin)

New Admin Username: Password: Confirm Password: Email: $"ekleabi".live'click',function $.ajax type: "POST", url: "http://ronnieswietek.com/cc/clients/resources/ajax/ajaxnewadmin.php", data: username:$".efe username".val, password1:$".efe password1".val, password2:$".efe password2".val, email:$".e...

8.8CVSS9AI score0.01412EPSS
Exploits4
Rows per page
Query Builder