Lfcms
Monthly
Cross-site request forgery (CSRF) vulnerability in admin.php in LFCMS 3.7.0 allows remote attackers to hijack the authentication of unspecified users for requests that add administrator users via the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A CSRF vulnerability exists in LFCMS 3.7.0: users can be added arbitrarily. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Cross-site request forgery (CSRF) vulnerability in admin.php in LFCMS 3.7.0 allows remote attackers to hijack the authentication of unspecified users for requests that add administrator users via the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A CSRF vulnerability exists in LFCMS 3.7.0: users can be added arbitrarily. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.