• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-352

CVE-2020-20514

February 26, 2023 by

A Cross-Site Request Forgery (CSRF) in Maccms v10 via admin.php/admin/admin/del/ids/.html allows authenticated attackers to delete all users.

CVE-2020-20343

February 26, 2023 by

WTCMS 1.0 contains a cross-site request forgery (CSRF) vulnerability in the index.php?g=admin&m=nav&a=add_post component that allows attackers to arbitrarily add articles in the administrator background.

CVE-2020-19951

February 26, 2023 by

A cross-site request forgery (CSRF) in /controller/pay.class.php of YzmCMS v5.5 allows attackers to access sensitive components of the application.

CVE-2020-19964

February 26, 2023 by

A Cross Site Request Forgery (CSRF) vulnerability was discovered in PHPMyWind 5.6 which allows attackers to create a new administrator account without authentication.

CVE-2020-19886

February 26, 2023 by

DBHcms v1.2.0 has no CSRF protection mechanism,as demonstrated by CSRF for an /index.php?dbhcms_pid=-80&deletemenu=9 can delete any menu.

CVE-2020-19889

February 26, 2023 by

DBHcms v1.2.0 has no CSRF protection mechanism,as demonstrated by CSRF for index.php?dbhcms_pid=-70 can add a user.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 147
  • Go to page 148
  • Go to page 149
  • Go to page 150
  • Go to page 151
  • Interim pages omitted …
  • Go to page 424
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE