CVE-2018-16345

An issue was discovered in EasyCMS 1.5. There is a CSRF vulnerability that can update the admin password via index.php?s=/admin/rbacuser/update/navTabId/listusers/callbackType/closeCurrent.
References
Link Resource
https://github.com/teameasy/EasyCMS/issues/5 Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:easycms:easycms:1.5:*:*:*:*:*:*:*

Information

Published : 2018-09-02 06:29

Updated : 2018-11-13 03:56


NVD link : CVE-2018-16345

Mitre link : CVE-2018-16345

Products Affected
No products.
CWE