4 matches found
Fuel CMS 1.4 Remote Code Execution
!/usr/bin/env ruby Title: Fuel CMS 1.4 - Remote Code Execution Exploit Author: Alexandre ZANNI Date: 2020-11-14 Vendor Homepage: https://www.getfuelcms.com/ Software Link: https://github.com/daylightstudio/FUEL-CMS/releases/tag/1.4.1 Version: FILE -h | --help Options: Root URL base path including...
CVE-2018-16416
Cross-site request forgery CSRF vulnerability in myprofile/edit?inline= in FUEL CMS 1.4 allows remote attackers to change the administrator's password...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in myprofile/edit?inline= in FUEL CMS 1.4 allows remote attackers to change the administrator's password...
CVE-2018-16416
The CVE-2018-16416 issue affects FUEL CMS 1.4, specifically a Cross-Site Request Forgery flaw in the my_profile/edit?inline= path. The underlying problem is CSRF that lets an attacker remotely change the administrator password. Connected records (Red Hat, CNVD, OSV, CVE lists) corroborate the sam...