PT-2024-31905 · Frog Cms · Frog Cms

Name of the Vulnerable Software and Affected Versions: FrogCMS version 0.9.5 Description: A Cross-Site Request Forgery CSRF issue was discovered in FrogCMS, allowing unauthorized actions via the "/admin/?/plugin/file manager/rename" API endpoint. This could potentially lead to unauthorized file...

CVE-2024-46362

FrogCMS V0.9.5 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/?/plugin/filemanager/createdirectory...

CVE-2024-46085

FrogCMS v0.9.5 is affected by a Cross-Site Request Forgery (CSRF) vulnerability exploitable via the /admin/?/plugin/file_manager/rename endpoint. Root cause: CSRF allows unauthorized actions (e.g., file rename) from authenticated sessions. Impact details in the sources indicate potential for unau...

CVE-2024-46362

CVE-2024-46362 – FrogCMS v0.9.5 CSRF flaw : The Red Hat/NVD/NVD-linked entries describe a Cross‑Site Request Forgery vulnerability exploitable via the endpoint /admin/?/plugin/file_manager/create_directory in FrogCMS 0.9.5. The underlying issue is CSRF that could allow an attacker to perform unau...

FrogCms Cross-Site Request Forgery Vulnerability

FrogCMS is a lightweight PHP content management system A cross-site request forgery vulnerability exists in FrogCms version v0.9.5, which stems from /admin/? /snippet/delete/3 does not adequately verify that the request is from a trusted user. The vulnerability can be exploited by an attacker to...

CVE-2024-42627

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/?/snippet/delete/3...

CVE-2024-42624

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/?/page/delete/10...

CVE-2024-42626

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/?/snippet/add...

CVE-2024-42626

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/?/snippet/add...

CVE-2024-42624

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/?/page/delete/10...

CVE-2024-42625

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/?/layout/add...

CVE-2024-42627

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/?/snippet/delete/3...

CVE-2024-42623

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/?/layout/delete/1...

CVE-2024-42623

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/?/layout/delete/1...

CVE-2024-42630

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/?/plugin/filemanager/createfile...

CVE-2024-42632

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/?/page/add...

CVE-2024-42631

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/?/layout/edit/1...

CVE-2024-42632

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/?/page/add...

CVE-2024-42630

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/?/plugin/filemanager/createfile...

CVE-2024-42631

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/?/layout/edit/1...