A cross-site request forgery (CSRF) vulnerability in the admin panel in SkySystem Arfa-CMS before 5.1.3124 allows remote attackers to add a new administrator, leading to escalation of privileges.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://github.com/TheHermione/CVE-2024-45264 | |
https://skyss.ru |
History
Fri, 30 Aug 2024 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Skyss
Skyss arfa-cms |
|
CPEs | cpe:2.3:a:skyss:arfa-cms:*:*:*:*:*:*:*:* | |
Vendors & Products |
Skyss
Skyss arfa-cms |
Tue, 27 Aug 2024 17:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Skysystem
Skysystem arfa Cms |
|
Weaknesses | CWE-352 | |
CPEs | cpe:2.3:a:skysystem:arfa_cms:*:*:*:*:*:*:*:* | |
Vendors & Products |
Skysystem
Skysystem arfa Cms |
|
Metrics |
cvssV3_1
|
Tue, 27 Aug 2024 16:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A cross-site request forgery (CSRF) vulnerability in the admin panel in SkySystem Arfa-CMS before 5.1.3124 allows remote attackers to add a new administrator, leading to escalation of privileges. | |
References |
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-08-27T00:00:00
Updated: 2024-08-27T17:05:34.560Z
Reserved: 2024-08-25T00:00:00
Link: CVE-2024-45264
Vulnrichment
Updated: 2024-08-27T17:04:59.597Z
NVD
Status : Analyzed
Published: 2024-08-27T16:15:08.070
Modified: 2024-08-30T15:02:34.610
Link: CVE-2024-45264
Redhat
No data.