exploitDog

CVE-2018-18921

Опубликовано: 18 дек. 2018

Источник: nvd

CVSS3: 6.5

CVSS2: 5.8

EPSS Низкий

Описание

PHP Server Monitor before 3.3.2 has CSRF, as demonstrated by a Delete action.

Ссылки

https://github.com/phpservermon/phpservermon/issues/670
Patch
Third Party Advisory
https://medium.com/bugbountywriteup/cve-2018-18921-php-server-monitor-3-3-1-cross-site-request-forgery-a73e8dae563
Exploit
Third Party Advisory
https://github.com/phpservermon/phpservermon/issues/670
Patch
Third Party Advisory
https://medium.com/bugbountywriteup/cve-2018-18921-php-server-monitor-3-3-1-cross-site-request-forgery-a73e8dae563
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:phpservermonitor:php_server_monitor:*:*:*:*:*:*:*:*

Версия до 3.3.2 (исключая)

EPSS

Процентиль: 33%

0.00128

Низкий

6.5 Medium

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-352

Связанные уязвимости

GHSA-w2g4-g8xr-px4x

CVSS3: 6.5

github

больше 3 лет назад

CSRF in PHP Server Monitor before 3.3.2

EPSS

Процентиль: 33%

0.00128

Низкий

6.5 Medium

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-352