• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-352

CVE-2020-19264

February 26, 2023 by

A cross-site request forgery (CSRF) in MipCMS v5.0.1 allows attackers to arbitrarily add users via index.php?s=/user/ApiAdminUser/itemAdd.

CVE-2020-19268

February 26, 2023 by

A cross-site request forgery (CSRF) in index.php/Dswjcms/User/tfAdd of Dswjcms 1.6.4 allows authenticated attackers to arbitrarily add administrator users.

CVE-2020-19280

February 26, 2023 by

Jeesns 1.4.2 contains a cross-site request forgery (CSRF) which allows attackers to escalate privileges and perform sensitive program operations.

CVE-2020-19159

February 26, 2023 by

Cross Site Request Forgery (CSRF) in LaikeTui v3 allows remote attackers to execute arbitrary code via the component ‘/index.php?module=member&action=add’.

CVE-2020-19047

February 26, 2023 by

Cross Site Request Forgey (CSRF) in iWebShop v5.3 allows remote atatckers to execute arbitrary code via malicious POST request to the component ‘/index.php?controller=system&action=admin_edit_act’.

CVE-2020-18889

February 26, 2023 by

Cross Site Request Forgery (CSRF) vulnerability in puppyCMS v5.1 that can change the admin’s password via /admin/settings.php.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 149
  • Go to page 150
  • Go to page 151
  • Go to page 152
  • Go to page 153
  • Interim pages omitted …
  • Go to page 424
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE