CVE-2018-19829

Artica Integria IMS 5.0.83 has CSRF in godmode/usuarios/lista_usuarios, resulting in the ability to delete an arbitrary user when the ID number is known.
References
Link Resource
https://hackpuntes.com/cve-2018-19829-integria-ims-5-0-83-cross-site-request-forgery/ Exploit Third Party Advisory
https://www.exploit-db.com/exploits/46013/ Exploit VDB Entry Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:artica:integria_ims:5.0.83:*:*:*:*:*:*:*

History

No history.

Information

Published : 2018-12-18 22:29

Updated : 2024-02-28 16:48


NVD link : CVE-2018-19829

Mitre link : CVE-2018-19829

CVE.ORG link : CVE-2018-19829


JSON object : View

Products Affected

artica

  • integria_ims
CWE
CWE-352

Cross-Site Request Forgery (CSRF)