7 matches found
EUVD-2019-17827
Malware in sbrugna...
njiandan-cms cross-site request forgery vulnerability
njiandan-cms is a PHP-based content management system CMS. A cross-site request forgery vulnerability exists in njiandan-cms version 2013-05-23 and earlier. A remote attacker can exploit this vulnerability to add an administrator account with the help of the index.php/admin/usernew URL...
CVE-2019-8437
njiandan-cms through 2013-05-23 has index.php/admin/usernew CSRF to add an administrator...
CVE-2019-8437
njiandan-cms through 2013-05-23 has index.php/admin/usernew CSRF to add an administrator...
Cross site request forgery (csrf)
njiandan-cms through 2013-05-23 has index.php/admin/usernew CSRF to add an administrator...
CVE-2019-8437
njiandan-cms through 2013-05-23 has index.php/admin/usernew CSRF to add an administrator...
CVE-2019-8437
The CVE concerns njiandan-cms with a CSRF vulnerability in the index.php/admin/user_new endpoint, allowing an attacker to add an administrator. The NVD entry (CVE-2019-8437) notes exploitation via this CSRF path and provides CVSS metrics (v2: 6.8 MEDIUM; v3: 8.8 HIGH) indicating impact to confide...