• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-352

CVE-2018-16447

February 26, 2023 by

Frog CMS 0.9.5 has admin/?/user/edit/1 CSRF.

CVE-2018-16448

February 26, 2023 by

Cscms 4 allows CSRF for creating a member via upload/admin.php/user/save, authenticating vip members via upload/admin.php/user/init/tid and upload/admin.php/user/init/rzid, and creating a super administrator and web editor via upload/admin.php/sys/save.

CVE-2018-16449

February 26, 2023 by

OneThink 1.1.141212 allows CSRF for adding a page via admin.php?s=/Channel/add.html, adding a blog via admin.php?s=/Article/update.html, and setting the audit state via admin.php?s=/Article/setStatus/status/1.html.

CVE-2018-16380

February 26, 2023 by

An issue was discovered in Ogma CMS 0.4 Beta. There is a CSRF vulnerability in users.php?action=createnew that can add an admin account.

CVE-2018-16387

February 26, 2023 by

An issue was discovered in Elefant CMS before 2.0.5. There is a CSRF vulnerability that can add an account via user/add.

CVE-2018-16345

February 26, 2023 by

An issue was discovered in EasyCMS 1.5. There is a CSRF vulnerability that can update the admin password via index.php?s=/admin/rbacuser/update/navTabId/listusers/callbackType/closeCurrent.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 62
  • Go to page 63
  • Go to page 64
  • Go to page 65
  • Go to page 66
  • Interim pages omitted …
  • Go to page 424
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE