EUVD-2018-4562

Malware in sbrugna...

CVE-2018-12603

Cross-site request forgery CSRF vulnerability in admin.php in LFCMS 3.7.0 allows remote attackers to hijack the authentication of unspecified users for requests that add administrator users via the s parameter, a related issue to CVE-2018-12114...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in admin.php in LFCMS 3.7.0 allows remote attackers to hijack the authentication of unspecified users for requests that add administrator users via the s parameter, a related issue to CVE-2018-12114...

CVE-2018-12603

Cross-site request forgery CSRF vulnerability in admin.php in LFCMS 3.7.0 allows remote attackers to hijack the authentication of unspecified users for requests that add administrator users via the s parameter, a related issue to CVE-2018-12114...

CVE-2018-12603

CVE-2018-12603 affects LFCMS 3.7.0: a Cross-Site Request Forgery in admin.php via the s parameter allows remote attackers to hijack user authentication and add an administrator account. The issue enables adding admin accounts without user consent, as described in CVE-2018-12114 related disclosure...

Cross site request forgery (csrf)

A CSRF vulnerability exists in LFCMS 3.7.0: users can be added arbitrarily...

CVE-2018-12602

A CSRF vulnerability exists in LFCMS 3.7.0: users can be added arbitrarily...

LFCMS 3.7.0 - Cross-Site Request Forgery (Add Admin)

LFCMS 3.7.0 - Cross-Site Request Forgery Add Admin Exploit Title: A CSRF vulnerability exists in LFCMS3.7.0: administrator account can be added arbitrarily. Date: 2018-06-20 Exploit Author: bay0net Vendor Homepage: https://www.cnblogs.com/v1vvwv/p/9203899.html Software Link:...

LFCMS 3.7.0 - Cross-Site Request Forgery (Add User) Vulnerability

Exploit for php platform in category web applications Exploit Title: A CSRF vulnerability exists in LFCMS3.7.0: users can be added arbitrarily. Exploit Author: bay0net Vendor Homepage: https://www.cnblogs.com/v1vvwv/p/9203740.html Software Link: http://www.lfdycms.com/home/down/index/id/26.html...

LFCMS 3.7.0 - Cross-Site Request Forgery (Add User)

Exploit Title: A CSRF vulnerability exists in LFCMS3.7.0: users can be added arbitrarily. Date: 2018-06-20 Exploit Author: bay0net Vendor Homepage: https://www.cnblogs.com/v1vvwv/p/9203740.html Software Link: http://www.lfdycms.com/home/down/index/id/26.html Version: 3.7.0 CVE : CVE-2018-12602 A...

LFCMS 3.7.0 - Cross-Site Request Forgery (Add Admin) Vulnerability

Exploit for php platform in category web applications Exploit Title: A CSRF vulnerability exists in LFCMS3.7.0: administrator account can be added arbitrarily. Exploit Author: bay0net Vendor Homepage: https://www.cnblogs.com/v1vvwv/p/9203899.html Software Link:...

LFCMS 3.7.0 - Cross-Site Request Forgery (Add Admin)

Exploit Title: A CSRF vulnerability exists in LFCMS3.7.0: administrator account can be added arbitrarily. Date: 2018-06-20 Exploit Author: bay0net Vendor Homepage: https://www.cnblogs.com/v1vvwv/p/9203899.html Software Link: http://www.lfdycms.com/home/down/index/id/26.html Version: 3.7.0 CVE :...