Lucene search
K

5 matches found

prion
prion
added 2019/02/15 3:29 p.m.15 views

Cross site request forgery (csrf)

BEESCMS 4.0 has a CSRF vulnerability to add arbitrary VIP accounts via the admin/adminmember.php?action=add&nav=addwebuser&adminpnav=user URI...

6.8CVSS8.6AI score0.0065EPSS
Exploits1References1Affected Software1
nvd
nvd
added 2019/02/15 3:29 p.m.19 views

CVE-2019-8347

BEESCMS 4.0 has a CSRF vulnerability to add arbitrary VIP accounts via the admin/adminmember.php?action=add&nav=addwebuser&adminpnav=user URI...

8.8CVSS8.7AI score0.0065EPSS
Exploits1References1
cvelist
cvelist
added 2019/02/15 3:0 p.m.26 views

CVE-2019-8347

BEESCMS 4.0 has a CSRF vulnerability to add arbitrary VIP accounts via the admin/adminmember.php?action=add&nav=addwebuser&adminpnav=user URI...

8.7AI score0.0065EPSS
Exploits1References1
cve
cve
added 2019/02/15 3:0 p.m.44 views

CVE-2019-8347

CVE-2019-8347 : BEESCMS 4.0 contains a CSRF vulnerability that enables an attacker to add arbitrary VIP accounts through the admin/admin_member.php?action=add&nav=add_web_user&admin_p_nav=user URI. The connected sources confirm the issue as a CSRF flaw, enabling account creation without proper us...

8.8CVSS8.6AI score0.0065EPSS
Exploits1References1Affected Software1
threatpost
threatpost
added 2011/01/21 5:43 p.m.11 views

Spotlight On Woeful Web Security In iPad Hacking Case

If a Web site leaves sensitive data hanging out in the open, can you still be accused of hacking when you grab it? Turns out, the answer is “hell, yeah!” But lots of people still do it. OK – you’re walking down the street and you come upon this apple tree in some one’s front yard. It’s a lovely...

7.1AI score
Exploits0References4
Rows per page
Query Builder