Skip to main content

Lfcms

2 CVEs product

Monthly

CVE-2018-12603 HIGH POC This Week

Cross-site request forgery (CSRF) vulnerability in admin.php in LFCMS 3.7.0 allows remote attackers to hijack the authentication of unspecified users for requests that add administrator users via the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Lfcms
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
3.6%
CVE-2018-12602 HIGH POC This Week

A CSRF vulnerability exists in LFCMS 3.7.0: users can be added arbitrarily. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Lfcms
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
3.0%
EPSS 4% CVSS 8.8
HIGH POC This Week

Cross-site request forgery (CSRF) vulnerability in admin.php in LFCMS 3.7.0 allows remote attackers to hijack the authentication of unspecified users for requests that add administrator users via the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Lfcms
NVD Exploit-DB
EPSS 3% CVSS 8.8
HIGH POC This Week

A CSRF vulnerability exists in LFCMS 3.7.0: users can be added arbitrarily. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Lfcms
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy