Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

0day.today
0day.todayadded 2018/04/02 12:0 a.m.46 views

Frog CMS 0.9.5 - Cross-Site Request Forgery (Add User) Vulnerability

Exploit for php platform in category web applications Exploit Title:​​ Cross Site Request Forgery- Frog CMS Exploit Author: Samrat Das Contact: http://twitter.com/SamratDas93 Website: https://securitywarrior9.blogspot.in/ Vendor Homepage: https://github.com/philippe/FrogCMS Version: 0.9.5 CVE :...

8.7AI score0.02354EPSS
Exploits5
exploitpack
exploitpackadded 2018/04/02 12:0 a.m.34 views

Frog CMS 0.9.5 - Cross-Site Request Forgery (Add User)

Frog CMS 0.9.5 - Cross-Site Request Forgery Add User Exploit Title:​​ Cross Site Request Forgery- Frog CMS Date: 31-03-2018 Exploit Author: Samrat Das Contact: http://twitter.com/SamratDas93 Website: https://securitywarrior9.blogspot.in/ Vendor Homepage: https://github.com/philippe/FrogCMS Versio...

6.8CVSS0.8AI score0.02354EPSS
Exploits5
Exploit DB
Exploit DBadded 2018/04/02 12:0 a.m.43 views

Frog CMS 0.9.5 - Cross-Site Request Forgery (Add User)

Exploit Title:​​ Cross Site Request Forgery- Frog CMS Date: 31-03-2018 Exploit Author: Samrat Das Contact: http://twitter.com/SamratDas93 Website: https://securitywarrior9.blogspot.in/ Vendor Homepage: https://github.com/philippe/FrogCMS Version: 0.9.5 CVE : CVE-2018-8908 Category: Webapp CMS 1...

8.8CVSS7AI score0.02354EPSS
Exploits5
ATTACKERKB
ATTACKERKBadded 2018/03/31 10:29 p.m.1 views

CVE-2018-8908

An issue was discovered in /admin/?/user/add in Frog CMS 0.9.5. The application's add user functionality suffers from CSRF. A malicious user can craft an HTML page and use it to trick a victim into clicking on it; once executed, a malicious user will be created with admin privileges. This happens...

8.8CVSS5.6AI score0.02354EPSS
Exploits5References3
CVE
CVEadded 2018/03/31 10:0 p.m.48 views

CVE-2018-8908

The CVE-2018-8908 entry concerns Frog CMS 0.9.5 where the add user function at /admin/?/user/add is vulnerable to CSRF due to missing anti-CSRF tokens. A malicious page can trick a logged-in admin to perform an action that creates another admin user, potentially escalating privileges. Public refe...

8.8CVSS8.5AI score0.02354EPSS
Exploits5References2Affected Software1
Packet Storm
Packet Stormadded 2018/03/31 12:0 a.m.41 views

Frog CMS 0.9.5 Cross Site Request Forgery

Exploit Title:aa Cross Site Request Forgery- Frog CMS Date: 31-03-2018 Exploit Author: Samrat Das Contact: http://twitter.com/SamratDas93 Website: https://securitywarrior9.blogspot.in/ Vendor Homepage: https://github.com/philippe/FrogCMS Version: 0.9.5 CVE : CVE-2018-8908 Category: Webapp CMS 1...

8.7AI score0.02354EPSS
Exploits5
Rows per page
Query Builder