Razorcms
CVE-2018-17986
HIGH
Severity by source
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
rars/user/data in razorCMS 3.4.8 allows CSRF for changing the password of an admin user.
AnalysisAI
rars/user/data in razorCMS 3.4.8 allows CSRF for changing the password of an admin user. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Technical ContextAI
This vulnerability is classified as Cross-Site Request Forgery (CSRF) (CWE-352), which allows attackers to trick authenticated users into performing unintended actions. rars/user/data in razorCMS 3.4.8 allows CSRF for changing the password of an admin user. Affected products include: Razorcms.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Implement anti-CSRF tokens, validate Origin/Referer headers, use SameSite cookie attribute.
admin/core/admin_func.php in razorCMS before 1.2.1 does not properly restrict access to certain administrator directorie
Cross-site request forgery (CSRF) vulnerability in admin/index.php in RazorCMS 1.2.1 and earlier allows remote attackers
Stored XSS exists in razorCMS 3.4.8 via the /#/page description parameter. Rated medium severity (CVSS 5.4), this vulner
HTML injection exists in razorCMS 3.4.8 via the /#/page keywords parameter. Rated medium severity (CVSS 5.4), this vulne
razorCMS 3.4.7 allows Stored XSS via the keywords of the homepage within the settings component. Rated medium severity (
razorCMS 3.4.7 allows HTML injection via the description of the homepage within the settings component. Rated medium sev
razorCMS 1.2 allows remote authenticated users to access administrator directories and files by creating and deleting a
Same weakness CWE-352 – Cross-Site Request Forgery (CSRF)
View allShare
External POC / Exploit Code
Leaving vuln.today