Filtered by vendor Srcms Project
Subscribe
Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-19318 | 1 Srcms Project | 1 Srcms | 2018-12-17 | 6.8 MEDIUM | 8.8 HIGH |
SRCMS 3.0.0 allows CSRF via admin.php?m=Admin&c=manager&a=update to change the username and password of the super administrator account. | |||||
CVE-2018-19319 | 1 Srcms Project | 1 Srcms | 2018-12-17 | 4.3 MEDIUM | 6.5 MEDIUM |
SRCMS 3.0.0 allows CSRF via admin.php?m=Admin&c=gifts&a=update to change goods prices with the super administrator's privileges. | |||||
CVE-2018-14069 | 1 Srcms Project | 1 Srcms | 2018-09-10 | 6.0 MEDIUM | 8.8 HIGH |
An issue was discovered in SRCMS V2.3.1. There is a CSRF vulnerability that can add a user account via admin.php?m=Admin&c=member&a=add. | |||||
CVE-2018-14068 | 1 Srcms Project | 1 Srcms | 2018-09-10 | 6.8 MEDIUM | 8.8 HIGH |
An issue was discovered in SRCMS V2.3.1. There is a CSRF vulnerability that can add an admin account via admin.php?m=Admin&c=manager&a=add. |