Show filters
13 Total Results
Displaying 11-13 of 13
Sort by:
Attacker Value
Unknown

CVE-2018-16732

Disclosure Date: September 08, 2018 (last updated November 27, 2024)
\upload\plugins\sys\admin\Setting.php in CScms 4.1 allows CSRF via admin.php/setting/ftp_save.
0
0
Attacker Value
Unknown

CVE-2018-16337

Disclosure Date: September 02, 2018 (last updated November 27, 2024)
An issue was discovered in Cscms V4.1.8. There is a CSRF vulnerability that can modify a website's basic configuration via upload/admin.php/setting/save.
0
0
Attacker Value
Unknown

CVE-2018-11527

Disclosure Date: May 29, 2018 (last updated November 26, 2024)
An issue was discovered in CScms v4.1. A Cross-site request forgery (CSRF) vulnerability in plugins/sys/admin/Sys.php allows remote attackers to change the administrator's username and password via /admin.php/sys/editpass_save.
0
0
View More Topics  < Previous