CVE-2018-1000092

CMS Made Simple version versions 2.2.5 contains a Cross ite Request Forgery (CSRF) vulnerability in Admin profile page that can result in Details can be found here http://dev.cmsmadesimple.org/bug/view/11715. This attack appear to be exploitable via A specially crafted web page. This vulnerability appears to have been fixed in 2.2.6.
References
Link Resource
http://dev.cmsmadesimple.org/bug/view/11715 Exploit Third Party Advisory
http://dev.cmsmadesimple.org/bug/view/11715 Exploit Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:cmsmadesimple:cms_made_simple:2.2.5:*:*:*:*:*:*:*

History

21 Nov 2024, 03:39

Type Values Removed Values Added
References () http://dev.cmsmadesimple.org/bug/view/11715 - Exploit, Third Party Advisory () http://dev.cmsmadesimple.org/bug/view/11715 - Exploit, Third Party Advisory

Information

Published : 2018-03-13 15:29

Updated : 2024-11-21 03:39


NVD link : CVE-2018-1000092

Mitre link : CVE-2018-1000092

CVE.ORG link : CVE-2018-1000092


JSON object : View

Products Affected

cmsmadesimple

  • cms_made_simple
CWE
CWE-352

Cross-Site Request Forgery (CSRF)