Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
685
VMScore

CVE-2018-12602

Published: 25/06/2018 Updated: 27/08/2018
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 685
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Lfcms

Vulnerability Summary

A CSRF vulnerability exists in LFCMS 3.7.0: users can be added arbitrarily.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

lfdycms lfcms 3.7.0

Exploits

Exploit DB: LFCMS 3.7.0 - Cross-Site Request Forgery (Add User)
# Exploit Title: A CSRF vulnerability exists in LFCMS_370: users can be added arbitrarily # Date: 2018-06-20 # Exploit Author: bay0net # Vendor Homepage: wwwcnblogscom/v1vvwv/p/9203740html # Software Link: wwwlfdycmscom/home/down/index/id/26html # Version: 370 # CVE : CVE-2018-12602 A CSRF vulnerability exists in LFCMS_3 ...
Exploit DB: LFCMS 3.7.0 Cross Site Request Forgery
LFCMS version 370 suffers from an add user cross site request forgery vulnerability ...

References

CWE-352http://packetstormsecurity.com/files/148268/LFCMS-3.7.0-Cross-Site-Request-Forgery.htmlhttps://www.exploit-db.com/exploits/44918/https://www.cnblogs.com/v1vvwv/p/9203740.htmlhttp://www.iwantacve.cn/index.php/archives/43/https://nvd.nist.govhttps://www.exploit-db.com/exploits/44918/
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654CVE-2024-2757authentication bypassCVE-2024-3194CVE-2024-33640CVE-2024-21111dosinsecure direct object referenceCVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook