5 matches found
Exploit for Cross-Site Request Forgery (CSRF) in Anchorcms Anchor_Cms
CVE-2020-23342 Note: When pulling this...
Anchor CMS 0.12.7 - CSRF (Delete user)
Exploit Title: Anchor CMS 0.12.7 - CSRF Delete user Exploit Author: Ninad Mishra Vendor Homepage: https://anchorcms.com/ Software Link: https://anchorcms.com/download Version: 0.12.7 CVE : CVE-2020-23342 PoC the cms uses get method to perform sensitive actions hence users can be deleted via...
CVE-2020-23342
A CSRF vulnerability exists in Anchor CMS 0.12.7 anchor/views/users/edit.php that can change the Delete admin users...
CVE-2020-23342
A CSRF vulnerability exists in Anchor CMS 0.12.7 anchor/views/users/edit.php that can change the Delete admin users...
CVE-2020-23342
Anchor CMS 0.12.7 contains a CSRF (Cross-Site Request Forgery) flaw in anchor/views/users/edit.php that can change or delete admin users. The CVE description and multiple sources state the vulnerability is triggered via administrative actions performed through a crafted request, with PoC evidence...