Skip to main content
CVE-2018-15845 HIGH POC This Week

There is a CSRF vulnerability that can add an administrator account in Gleez CMS 1.2.0 via admin/users/add. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Gleez Cms
NVD GitHub Exploit-DB
CVSS 3.0
8.8
EPSS
2.3%
CVE-2018-15844 HIGH POC This Week

An issue was discovered in DamiCMS 6.0.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Damicms
NVD GitHub Exploit-DB
CVSS 3.0
8.8
EPSS
2.5%
CVE-2018-15851 HIGH This Week

An issue was discovered in Flexo CMS v0.1.6. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Flexo Cms
NVD GitHub
CVSS 3.0
8.8
EPSS
0.6%
CVE-2018-15850 HIGH This Week

An issue was discovered in REDAXO CMS 4.7.2. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF PHP Redaxo Cms
NVD GitHub
CVSS 3.0
8.8
EPSS
0.6%
CVE-2018-15848 HIGH This Week

An issue was discovered in portfolioCMS 1.0.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF PHP Portfoliocms
NVD GitHub
CVSS 3.0
8.8
EPSS
0.5%
CVE-2018-15846 HIGH This Week

An issue was discovered in fledrCMS through 2014-02-03. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF PHP Fledrcms
NVD GitHub
CVSS 3.0
8.8
EPSS
0.7%
CVE-2018-15857 HIGH PATCH This Week

An invalid free in ExprAppendMultiKeysymList in xkbcomp/ast-build.c in xkbcommon before 0.8.1 could be used by local attackers to crash xkbcommon keymap parsers or possibly have unspecified other. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Denial Of Service Use After Free Libxkbcommon Xkbcommon +1
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy