Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
685
VMScore
CVE-2018-12114
Published: 14/06/2018 Updated: 03/08/2018
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 685
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Maccms
Vulnerability Summary
Maccms 10 allows CSRF via admin.php/admin/admin/info.html to add user accounts.
Vulnerability Trend
Vulnerable Product
Search on Vulmon
Subscribe to Product
maccms maccms 10.0
Exploits
Exploit DB: MACCMS 10 - Cross-Site Request Forgery (Add User)
# Exploit Title: MACCMS_V10 CSRF vulnerability add admin account # Date: 2018-06-11 # Exploit Author: bay0net # Vendor Homepage: wwwcnblogscom/v1vvwv/p/9168309html # Software Link: wwwmaccmscom/downhtml # Version: V10 # CVE : CVE-2018-12114 I found a CSRF vulnerability in maccms_v10,this vulnerability can be arbitrarily adde ...
Exploit DB: MACCMS 10 Cross Site Request Forgery
MACCMS version 10 suffers from a cross site request forgery vulnerability ...
References
CWE-352
https://www.cnblogs.com/v1vvwv/p/9168309.html
http://www.iwantacve.cn/index.php/archives/42/
https://www.exploit-db.com/exploits/44887/
https://nvd.nist.gov
https://www.exploit-db.com/exploits/44887/
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started