Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (9063 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2018-16732 1 Chshcms 1 Cscms 2024-11-21 N/A
\upload\plugins\sys\admin\Setting.php in CScms 4.1 allows CSRF via admin.php/setting/ftp_save.
CVE-2018-16650 1 Phpmyfaq 1 Phpmyfaq 2024-11-21 N/A
phpMyFAQ before 2.9.11 allows CSRF.
CVE-2018-16634 1 Pluck-cms 1 Pluck 2024-11-21 N/A
Pluck v4.7.7 allows CSRF via admin.php?action=settings.
CVE-2018-16552 1 Micropyramid 1 Django Crm 2024-11-21 8.8 High
MicroPyramid Django-CRM 0.2 allows CSRF for /users/create/, /users/##/edit/, and /accounts/##/delete/ URIs.
CVE-2018-16458 1 Baigo 1 Baigo Cms 2024-11-21 N/A
An issue was discovered in baigo CMS v2.1.1. There is an index.php?m=article&c=request CSRF that can cause publication of any article.
CVE-2018-16449 1 Onethink 1 Onethink 2024-11-21 N/A
OneThink 1.1.141212 allows CSRF for adding a page via admin.php?s=/Channel/add.html, adding a blog via admin.php?s=/Article/update.html, and setting the audit state via admin.php?s=/Article/setStatus/status/1.html.
CVE-2018-16448 1 Chshcms 1 Cscms 2024-11-21 N/A
Cscms 4 allows CSRF for creating a member via upload/admin.php/user/save, authenticating vip members via upload/admin.php/user/init/tid and upload/admin.php/user/init/rzid, and creating a super administrator and web editor via upload/admin.php/sys/save.
CVE-2018-16447 1 Frogcms Project 1 Frogcms 2024-11-21 N/A
Frog CMS 0.9.5 has admin/?/user/edit/1 CSRF.
CVE-2018-16431 1 Yfcmf 1 Yfcmf 2024-11-21 N/A
admin/admin/adminsave.html in YFCMF v3.0 allows CSRF to add an administrator account.
CVE-2018-16416 1 Thedaylightstudio 1 Fuel Cms 2024-11-21 N/A
Cross-site request forgery (CSRF) vulnerability in my_profile/edit?inline= in FUEL CMS 1.4 allows remote attackers to change the administrator's password.
CVE-2018-16387 1 Elefantcms 1 Elefantcms 2024-11-21 N/A
An issue was discovered in Elefant CMS before 2.0.5. There is a CSRF vulnerability that can add an account via user/add.
CVE-2018-16380 1 Digimute 1 Ogma Cms 2024-11-21 N/A
An issue was discovered in Ogma CMS 0.4 Beta. There is a CSRF vulnerability in users.php?action=createnew that can add an admin account.
CVE-2018-16366 1 Idreamsoft 1 Icms 2024-11-21 N/A
An issue was discovered in idreamsoft iCMS V7.0.10. admincp.php?app=user&do=save allows CSRF.
CVE-2018-16365 1 Idreamsoft 1 Icms 2024-11-21 N/A
An issue was discovered in idreamsoft iCMS V7.0.10. admincp.php?app=group&do=save allows CSRF.
CVE-2018-16345 1 Easycms 1 Easycms 2024-11-21 N/A
An issue was discovered in EasyCMS 1.5. There is a CSRF vulnerability that can update the admin password via index.php?s=/admin/rbacuser/update/navTabId/listusers/callbackType/closeCurrent.
CVE-2018-16339 1 Phome 1 Empirecms 2024-11-21 N/A
An issue was discovered in EmpireCMS 7.0. There is a CSRF vulnerability that can add administrators via upload/e/admin/user/AddUser.php?enews=AddUser.
CVE-2018-16338 1 Auracms 1 Auracms 2024-11-21 N/A
An issue was discovered in AuraCMS 2.3. There is a CSRF vulnerability that can change the administrator's password via admin.php?mod=users and subsequently add a page or menu, or submit a topic.
CVE-2018-16337 1 Chshcms 1 Cscms 2024-11-21 N/A
An issue was discovered in Cscms V4.1.8. There is a CSRF vulnerability that can modify a website's basic configuration via upload/admin.php/setting/save.
CVE-2018-16332 1 Idreamsoft 1 Icms 2024-11-21 N/A
An issue was discovered in iCMS 7.0.9. There is an admincp.php?app=article&do=update CSRF vulnerability.
CVE-2018-16331 1 Damicms 1 Damicms 2024-11-21 N/A
admin.php?s=/Admin/doedit in DamiCMS v6.0.0 allows CSRF to change the administrator account's password.