24 matches found
LFCMS 3.7.0 - Cross-Site Request Forgery (Add User)
Exploit Title: A CSRF vulnerability exists in LFCMS3.7.0: users can be added arbitrarily. Date: 2018-06-20 Exploit Author: bay0net Vendor Homepage: https://www.cnblogs.com/v1vvwv/p/9203740.html Software Link: http://www.lfdycms.com/home/down/index/id/26.html Version: 3.7.0 CVE : CVE-2018-12602 A...
LFCMS 3.7.0 - Cross-Site Request Forgery (Add Admin) Vulnerability
Exploit for php platform in category web applications Exploit Title: A CSRF vulnerability exists in LFCMS3.7.0: administrator account can be added arbitrarily. Exploit Author: bay0net Vendor Homepage: https://www.cnblogs.com/v1vvwv/p/9203899.html Software Link:...
LFCMS 3.7.0 - Cross-Site Request Forgery (Add User) Vulnerability
Exploit for php platform in category web applications Exploit Title: A CSRF vulnerability exists in LFCMS3.7.0: users can be added arbitrarily. Exploit Author: bay0net Vendor Homepage: https://www.cnblogs.com/v1vvwv/p/9203740.html Software Link: http://www.lfdycms.com/home/down/index/id/26.html...
Arbitrary File Read Vulnerability in LFCMS Version 3.4.0
LFCMS is a film and television content management system developed in PHP and based on THINKPHP framework suitable for all kinds of video, film and television websites. LFCMS 3.4.0 version of the arbitrary file reading vulnerability, attackers can use the vulnerability to obtain the source code o...