cve/CVE-2018-11527.md at d265b01db84ea263ae08fa7d2c08cb82387c2083

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-07 11:06:19 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

An issue was discovered in CScms v4.1. A Cross-site request forgery (CSRF) vulnerability in plugins/sys/admin/Sys.php allows remote attackers to change the administrator's username and password via /admin.php/sys/editpass_save.

POC

Reference

https://github.com/fanyibo2009/cscms/blob/master/v4.1%20csrf

Github

No PoCs found on GitHub currently.

710 B Raw Blame History

CVE-2018-11527

Description

POC

Reference

Github

710 B

Raw Blame History