3 matches found
CVE-2020-18648
Cross Site Request Forgery CSRF in JuQingCMS v1.0 allows remote attackers to gain local privileges via the component "JuQingCMSv1.0/admin/index.php?c=administrator=add"...
CVE-2020-18648
Cross Site Request Forgery CSRF in JuQingCMS v1.0 allows remote attackers to gain local privileges via the component "JuQingCMSv1.0/admin/index.php?c=administrator&a=add"...
CVE-2020-18648
CVE-2020-18648 affects JuQingCMS v1.0. The vulnerability is a CSRF in the admin/index.php?c=administrator&a=add endpoint that can let an attacker cause the user to gain local privileges. CVSS metrics in the primary entry indicate a high impact (CVSS v3.1 base score 8.8; confidentially/integrity/a...