Lucene search
K

127 matches found

CNVD
CNVD
added 2018/11/27 12:0 a.m.3 views

SQL Injection Vulnerability in GreenCMS

GreenCMS is a ThinkPHP-based content management system. GreenCMS suffers from a SQL injection vulnerability that can be exploited by attackers to obtain sensitive information...

7.9AI score
Exploits0
CNVD
CNVD
added 2018/11/21 12:0 a.m.4 views

GreenCMS Cross-Site Request Forgery Vulnerability (CNVD-2019-00334)

GreenCMS is a content management system CMS based on ThinkPHP. A cross-site request forgery vulnerability exists in GreenCMS version 2.3.0603. A remote attacker can exploit this vulnerability to delete log files with the help of the index.php?m=admin&c=data&a=clear URI...

6.5CVSS6.6AI score0.00506EPSS
Exploits1References1
Prion
Prion
added 2018/11/20 9:29 p.m.14 views

Cross site request forgery (csrf)

An issue was discovered in GreenCMS v2.3.0603. There is a CSRF vulnerability that allows attackers to delete a log file via the index.php?m=admin&c=data&a=clear URI...

5.8CVSS6.4AI score0.00506EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2018/11/20 9:29 p.m.9 views

CVE-2018-19376

An issue was discovered in GreenCMS v2.3.0603. There is a CSRF vulnerability that allows attackers to delete a log file via the index.php?m=admin&c=data&a=clear URI...

6.5CVSS6.5AI score0.00506EPSS
Exploits1References1
OSV
OSV
added 2018/11/20 9:29 p.m.15 views

CVE-2018-19376

An issue was discovered in GreenCMS v2.3.0603. There is a CSRF vulnerability that allows attackers to delete a log file via the index.php?m=admin&c=data&a=clear URI...

6.5CVSS6.8AI score
Exploits0References1
Cvelist
Cvelist
added 2018/11/20 9:0 p.m.14 views

CVE-2018-19376

An issue was discovered in GreenCMS v2.3.0603. There is a CSRF vulnerability that allows attackers to delete a log file via the index.php?m=admin&c=data&a=clear URI...

6.5AI score0.00506EPSS
Exploits1References1
CVE
CVE
added 2018/11/20 9:0 p.m.48 views

CVE-2018-19376

GreenCMS v2.3.0603 is affected by a cross-site request forgery (CSRF) vulnerability that allows an attacker to delete log files via the URI index.php?m=admin&c=data&a=clear. This issue is documented in multiple sources (CNVD-2019-00334, NVD CVE-2018-19376, OSV) and is confirmed across CNVD/CVSS d...

6.5CVSS6.4AI score0.00506EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2018/11/17 3:29 p.m.16 views

CVE-2018-19329

GreenCMS v2.3.0603 allows remote authenticated administrators to delete arbitrary files by modifying a base64-encoded pathname in an m=admin&c=media&a=delfilehandle&id= call, related to the m=admin&c=media&a=restorefile delete button...

4.9CVSS6.7AI score
Exploits0References1
Prion
Prion
added 2018/11/17 3:29 p.m.16 views

Design/Logic Flaw

GreenCMS v2.3.0603 allows remote authenticated administrators to delete arbitrary files by modifying a base64-encoded pathname in an m=admin&c=media&a=delfilehandle&id= call, related to the m=admin&c=media&a=restorefile delete button...

5.5CVSS5AI score0.01774EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2018/11/17 3:29 p.m.24 views

CVE-2018-19329

GreenCMS v2.3.0603 allows remote authenticated administrators to delete arbitrary files by modifying a base64-encoded pathname in an m=admin&c=media&a=delfilehandle&id= call, related to the m=admin&c=media&a=restorefile delete button...

5.5CVSS5AI score0.01774EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/11/17 3:0 p.m.27 views

CVE-2018-19329

GreenCMS v2.3.0603 allows remote authenticated administrators to delete arbitrary files by modifying a base64-encoded pathname in an m=admin&c=media&a=delfilehandle&id= call, related to the m=admin&c=media&a=restorefile delete button...

5AI score0.01774EPSS
Exploits1References1
CVE
CVE
added 2018/11/17 3:0 p.m.41 views

CVE-2018-19329

GreenCMS v2.3.0603 contains a stored/reflective issue where remote authenticated administrators can delete arbitrary files by altering a base64-encoded pathname in the m=admin&c=media&a=delfilehandle&id= request, related to the m=admin&c=media&a=restorefile delete button. The root cause is manipu...

5.5CVSS4.9AI score0.01774EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2018/07/28 12:0 a.m.2 views

Arbitrary File Deletion Vulnerability in GreenCMS Backend

GreenCMS is an open source content management system written in PHP by Green Shade Studio, which is based on ThinkPHP, the most popular PHP development framework in China. GreenCMS background there are any file deletion vulnerability , attackers can use the vulnerability to delete any file...

7AI score
Exploits0
CNVD
CNVD
added 2018/07/03 12:0 a.m.5 views

GreenCMS Cross-Site Request Forgery Vulnerability (CNVD-2018-13895)

GreenCMS is a content management system CMS based on ThinkPHP. A cross-site request forgery vulnerability exists in GreenCMS version 2.3.0603. A remote attacker can exploit this vulnerability by sending the 'content' parameter to the index.php?m=admin&c=media&a=fileconnect URL to execute arbitrar...

8.8CVSS8.9AI score0.02513EPSS
Exploits5References1
NVD
NVD
added 2018/06/29 5:29 a.m.20 views

CVE-2018-12988

GreenCMS 2.3.0603 has an arbitrary file download vulnerability via an index.php?m=admin&c=media&a=downfile URI...

7.5CVSS7.6AI score0.01586EPSS
Exploits1References1
Prion
Prion
added 2018/06/29 5:29 a.m.10 views

Arbitrary file deletion

GreenCMS 2.3.0603 has an arbitrary file download vulnerability via an index.php?m=admin&c=media&a=downfile URI...

5CVSS7.6AI score0.01586EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2018/06/29 5:29 a.m.17 views

CVE-2018-12988

GreenCMS 2.3.0603 has an arbitrary file download vulnerability via an index.php?m=admin&c=media&a=downfile URI...

7.5CVSS7.3AI score
Exploits0References1
Cvelist
Cvelist
added 2018/06/29 5:0 a.m.13 views

CVE-2018-12988

GreenCMS 2.3.0603 has an arbitrary file download vulnerability via an index.php?m=admin&c=media&a=downfile URI...

7.7AI score0.01586EPSS
Exploits1References1
CVE
CVE
added 2018/06/29 5:0 a.m.36 views

CVE-2018-12988

GreenCMS 2.3.0603 (ThinkPHP-based) contains an arbitrary file download vulnerability exposed through index.php?m=admin&c=media&a=downfile. The root cause is not explicitly stated beyond the vulnerability type; the provided documents do not include exploit details, affected file types, or version-...

7.5CVSS7.6AI score0.01586EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2018/06/29 12:0 a.m.6 views

GreenCMS Arbitrary File Download Vulnerability

GreenCMS is a content management system CMS based on ThinkPHP. An arbitrary file download vulnerability exists in GreenCMS version 2.3.0603. An attacker can download arbitrary files with the help of index.php?m=admin&c=media&a=downfile URI...

7.5CVSS7.7AI score0.01586EPSS
Exploits1References1
Rows per page
Query Builder