CVE-2018-17081

e107 2.1.9 allows CSRF via e107_admin/wmessage.php?mode=&action=inline&ajax_used=1&id= for changing the title of an arbitrary page.
References
Link Resource
https://github.com/himanshurahi/e107_2.1.9_CSRF_POC Exploit Technical Description
Configurations

Configuration 1

cpe:2.3:a:e107:e107:2.1.9:*:*:*:*:*:*:*

Information

Published : 2018-09-26 09:29

Updated : 2018-11-26 03:12


NVD link : CVE-2018-17081

Mitre link : CVE-2018-17081

Products Affected
No products.
CWE