Skip to main content

Srcms

4 CVEs product

Monthly

CVE-2018-19319 MEDIUM POC This Month

SRCMS 3.0.0 allows CSRF via admin.php?m=Admin&c=gifts&a=update to change goods prices with the super administrator's privileges. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Srcms
NVD GitHub
CVSS 3.0
6.5
EPSS
0.4%
CVE-2018-19318 HIGH POC This Week

SRCMS 3.0.0 allows CSRF via admin.php?m=Admin&c=manager&a=update to change the username and password of the super administrator account. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Srcms
NVD GitHub
CVSS 3.0
8.8
EPSS
0.5%
CVE-2018-14069 HIGH This Week

An issue was discovered in SRCMS V2.3.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF PHP Srcms
NVD GitHub
CVSS 3.0
8.8
EPSS
0.5%
CVE-2018-14068 HIGH POC This Week

An issue was discovered in SRCMS V2.3.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Srcms
NVD GitHub
CVSS 3.0
8.8
EPSS
0.7%
EPSS 0% CVSS 6.5
MEDIUM POC This Month

SRCMS 3.0.0 allows CSRF via admin.php?m=Admin&c=gifts&a=update to change goods prices with the super administrator's privileges. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Srcms
NVD GitHub
EPSS 0% CVSS 8.8
HIGH POC This Week

SRCMS 3.0.0 allows CSRF via admin.php?m=Admin&c=manager&a=update to change the username and password of the super administrator account. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Srcms
NVD GitHub
EPSS 1% CVSS 8.8
HIGH This Week

An issue was discovered in SRCMS V2.3.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF PHP Srcms
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC This Week

An issue was discovered in SRCMS V2.3.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Srcms
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy