CVE-2020-18418

Опубликовано: 27 июн. 2023

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

A Cross site request forgery (CSRF) vulnerability was discovered in FeiFeiCMS v4.1.190209, which allows attackers to create administrator accounts via /index.php?s=Admin-Admin-Insert.

Ссылки

https://github.com/GodEpic/Vulnerability-detection/blob/master/feifeicms/FeiFeiCMS_4.1_csrf.doc
Exploit
Third Party Advisory
https://github.com/GodEpic/Vulnerability-detection/blob/master/feifeicms/poc
Exploit
https://github.com/GodEpic/Vulnerability-detection/blob/master/feifeicms/FeiFeiCMS_4.1_csrf.doc
Exploit
Third Party Advisory
https://github.com/GodEpic/Vulnerability-detection/blob/master/feifeicms/poc
Exploit

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:feifeicms:feifeicms:4.1.190209:*:*:*:*:*:*:*

EPSS

Процентиль: 20%

0.00064

Низкий

8.8 High

CVSS3

Дефекты

CWE-352

Связанные уязвимости

GHSA-vg7q-4h76-hx2w