Lucene search
K

4 matches found

Packet Storm
Packet Storm
added 2018/04/02 12:0 a.m.54 views

OpenCMS 10.5.3 Cross Site Request Forgery

Exploit Title: OpenCMS 10.5.3 Multiple Cross Site Request Forgery Vulnerabilities Injection Google Dork: N/A Date: 02-04-2018 Exploit Author: Sureshbabu Narvaneni Author Blog : http://nullnews.in Vendor Homepage: http://www.opencms.org/en/ Software Link:...

8.7AI score0.02228EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/04/02 12:0 a.m.44 views

OpenCMS 10.5.3 - Cross-Site Request Forgery

Exploit Title: OpenCMS 10.5.3 Multiple Cross Site Request Forgery Vulnerabilities Injection Google Dork: N/A Date: 02-04-2018 Exploit Author: Sureshbabu Narvaneni Author Blog : http://nullnews.in Vendor Homepage: http://www.opencms.org/en/ Software Link:...

8.8CVSS8.8AI score0.02228EPSS
Exploits5
NVD
NVD
added 2018/03/20 7:29 a.m.26 views

CVE-2018-8811

Cross-site request forgery CSRF vulnerability in system/workplace/admin/accounts/userrole.jsp in OpenCMS 10.5.3 allows remote attackers to hijack the authentication of administrative users for requests that perform privilege escalation. Note: It is argued that OpenCMS allows only registered users...

8.8CVSS9.1AI score0.02228EPSS
Exploits5References2
CVE
CVE
added 2018/03/20 7:0 a.m.70 views

CVE-2018-8811

OpenCMS 10.5.3 is affected by a CSRF vulnerability in system/workplace/admin/accounts/user_role.jsp that can lead to privilege escalation by hijacking an admin session. Exploitation requires the attacker to have a CMS account with content-manager privileges; multiple public exploits (Exploit-DB, ...

8.8CVSS9AI score0.02228EPSS
Exploits5References2Affected Software1
Rows per page
Query Builder