Artica Integria IMS 5.0.83 has CSRF in godmode/usuarios/lista_usuarios, resulting in the ability to delete an arbitrary user when the ID number is known.
References
Link | Resource |
---|---|
https://hackpuntes.com/cve-2018-19829-integria-ims-5-0-83-cross-site-request-forgery/ | Exploit Third Party Advisory |
https://www.exploit-db.com/exploits/46013/ | Exploit Third Party Advisory VDB Entry |
https://hackpuntes.com/cve-2018-19829-integria-ims-5-0-83-cross-site-request-forgery/ | Exploit Third Party Advisory |
https://www.exploit-db.com/exploits/46013/ | Exploit Third Party Advisory VDB Entry |
Configurations
History
21 Nov 2024, 03:58
Type | Values Removed | Values Added |
---|---|---|
References | () https://hackpuntes.com/cve-2018-19829-integria-ims-5-0-83-cross-site-request-forgery/ - Exploit, Third Party Advisory | |
References | () https://www.exploit-db.com/exploits/46013/ - Exploit, Third Party Advisory, VDB Entry |
Information
Published : 2018-12-18 22:29
Updated : 2024-11-21 03:58
NVD link : CVE-2018-19829
Mitre link : CVE-2018-19829
CVE.ORG link : CVE-2018-19829
JSON object : View
Products Affected
artica
- integria_ims
CWE
CWE-352
Cross-Site Request Forgery (CSRF)