• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-352

CVE-2018-19225

February 26, 2023 by

An issue was discovered in LAOBANCMS 2.0. admin/mima.php has CSRF.

CVE-2018-19182

February 26, 2023 by

Engelsystem before commit hash 2e28336 allows CSRF.

CVE-2018-19192

February 26, 2023 by

An issue was discovered in XiaoCms 20141229. admin/index.php?c=content&a=add&catid=3 has CSRF, as demonstrated by entering news via the data[content] parameter.

CVE-2018-19135

February 26, 2023 by

ClipperCMS 1.3.3 does not have CSRF protection on its kcfinder file upload (enabled by default). This can be used by an attacker to perform actions for an admin (or any user with the file upload capability). With this vulnerability, one can automatically upload files (by default, it allows html, pdf, xml, zip, and many other file types). A file can be accessed publicly under the “/assets/files” directory.

CVE-2018-19138

February 26, 2023 by

WSTMart 2.0.7 has CSRF via the index.php/admin/staffs/add.html URI.

CVE-2018-19104

February 26, 2023 by

In BageCMS 3.1.3, upload/index.php has a CSRF vulnerability that can be used to upload arbitrary files and get server privileges.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 50
  • Go to page 51
  • Go to page 52
  • Go to page 53
  • Go to page 54
  • Interim pages omitted …
  • Go to page 424
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE