Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
beescms beescms 4.0 vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2018-10266
BEESCMS 4.0 has a CSRF vulnerability to add an administrator account via the admin/admin_admin.php?nav=list_admin_user&admin_p_nav=user URI.
Beescms Beescms 4.0
6.5
CVSSv3
CVE-2020-22334
Cross Site Request Forgery (CSRF) vulnerability in beescms v4 allows malicious users to delete the administrator account via crafted request to /admin/admin_admin.php.
Beescms Beescms 4.0
8.8
CVSSv3
CVE-2019-8347
BEESCMS 4.0 has a CSRF vulnerability to add arbitrary VIP accounts via the admin/admin_member.php?action=add&nav=add_web_user&admin_p_nav=user URI.
Beescms Beescms 4.0
8.8
CVSSv3
CVE-2020-23572
BEESCMS v4.0 exists to contain an arbitrary file upload vulnerability via the component /admin/upload.php. This vulnerability allows malicious users to execute arbitrary code via a crafted image file.
Beescms Beescms 4.0
8.8
CVSSv3
CVE-2018-12739
In BEESCMS 4.0, CSRF allows administrators to be added arbitrarily, a related issue to CVE-2018-10266.
Beescms Beescms 4.0
1 EDB exploit
NA
CVE-2024-31011
Arbitrary file write vulnerability in beescms v.4.0, allows a remote malicious user to execute arbitrary code via a file path that was not isolated and the suffix was not verified in admin_template.php.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started