Show filters
3 Total Results
Displaying 1-3 of 3
Sort by:
Attacker Value
Unknown

CVE-2020-18694

Disclosure Date: August 06, 2021 (last updated February 23, 2025)
Cross Site Request Forgery (CSRF) in IgnitedCMS v1.0 allows remote attackers to obtain sensitive information and gain privilege via the component "/admin/profile/save_profile".
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2019-13370

Disclosure Date: July 06, 2019 (last updated February 17, 2024)
index.php/admin/permissions in Ignited CMS through 2017-02-19 allows CSRF to add an administrator.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2018-15203

Disclosure Date: August 08, 2018 (last updated February 17, 2024)
An issue was discovered in Ignited CMS through 2017-02-19. ign/index.php/admin/pages/add_page allows a CSRF attack to add pages.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0