Skip to main content

Snowfox Content Management System

2 CVEs product

Monthly

CVE-2014-9344 MEDIUM POC PATCH This Month

Cross-site request forgery (CSRF) vulnerability in Snowfox CMS before 1.0.10 allows remote attackers to hijack the authentication of administrators for requests that add a new admin account via a. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

CSRF Snowfox Content Management System
NVD GitHub Exploit-DB
CVSS 2.0
6.8
EPSS
0.6%
CVE-2014-9343 MEDIUM POC PATCH This Month

Open redirect vulnerability in modules/system/controller/selectlanguage.class.php in Snowfox CMS 1.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. Public exploit code available.

PHP Open Redirect Snowfox Content Management System
NVD GitHub
CVSS 2.0
5.8
EPSS
0.6%
EPSS 1% CVSS 6.8
MEDIUM POC PATCH This Month

Cross-site request forgery (CSRF) vulnerability in Snowfox CMS before 1.0.10 allows remote attackers to hijack the authentication of administrators for requests that add a new admin account via a. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

CSRF Snowfox Content Management System
NVD GitHub Exploit-DB
EPSS 1% CVSS 5.8
MEDIUM POC PATCH This Month

Open redirect vulnerability in modules/system/controller/selectlanguage.class.php in Snowfox CMS 1.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. Public exploit code available.

PHP Open Redirect Snowfox Content Management System
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy