RSS   Vulnerabilities for 'Simple cms'   RSS

2018-08-19
 
CVE-2018-15565

 

 
An issue was discovered in daveismyname simple-cms through 2014-03-11. admin/addpage.php does not require authentication for adding a page. This can also be exploited via CSRF.

 
 
CVE-2018-15564

 

 
An issue was discovered in daveismyname simple-cms through 2014-03-11. There is a CSRF vulnerability that can delete any page via admin/?delpage=8.

 


Copyright 2024, cxsecurity.com

 

Back to Top