Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
6.8
CVSSv2
CVE-2018-12602
Published: 25/06/2018 Updated: 27/08/2018
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 685
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Lfcms
Vulnerability Summary
A CSRF vulnerability exists in LFCMS 3.7.0: users can be added arbitrarily.
Vulnerability Trend
Vulnerable Product
Search on Vulmon
Subscribe to Product
lfdycms lfcms 3.7.0
Exploits
Exploit DB: LFCMS 3.7.0 - Cross-Site Request Forgery (Add User)
# Exploit Title: A CSRF vulnerability exists in LFCMS_370: users can be added arbitrarily # Date: 2018-06-20 # Exploit Author: bay0net # Vendor Homepage: wwwcnblogscom/v1vvwv/p/9203740html # Software Link: wwwlfdycmscom/home/down/index/id/26html # Version: 370 # CVE : CVE-2018-12602 A CSRF vulnerability exists in LFCMS_3 ...
Exploit DB: LFCMS 3.7.0 Cross Site Request Forgery
LFCMS version 370 suffers from an add user cross site request forgery vulnerability ...
References
CWE-352
http://packetstormsecurity.com/files/148268/LFCMS-3.7.0-Cross-Site-Request-Forgery.html
https://www.exploit-db.com/exploits/44918/
https://www.cnblogs.com/v1vvwv/p/9203740.html
http://www.iwantacve.cn/index.php/archives/43/
https://nvd.nist.gov
https://www.exploit-db.com/exploits/44918/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started