Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Unknown

CVE-2018-12603

Disclosure Date: June 25, 2018 (last updated November 26, 2024)
Cross-site request forgery (CSRF) vulnerability in admin.php in LFCMS 3.7.0 allows remote attackers to hijack the authentication of unspecified users for requests that add administrator users via the s parameter, a related issue to CVE-2018-12114.
0
0
Attacker Value
Unknown

CVE-2018-12114

Disclosure Date: June 14, 2018 (last updated November 26, 2024)
Maccms 10 allows CSRF via admin.php/admin/admin/info.html to add user accounts.
0
0