razorCMS Cross-Site Request Forgery Vulnerability (CNVD-2018-26701)

razorCMS is an open source content management system written in PHP, which stores all data in flat files, so there is no need to install a database. A cross-site request forgery vulnerability exists in the rars/user/data page in razorCMS version 3.4.8. A remote attacker can exploit this...

Cross site request forgery (csrf)

rars/user/data in razorCMS 3.4.8 allows CSRF for changing the password of an admin user...

CVE-2018-17986

rars/user/data in razorCMS 3.4.8 allows CSRF for changing the password of an admin user...