Vulnerability CVE-2018-19560


Published: 2018-11-26

Description:
BageCMS 3.1.3 has CSRF via upload/index.php?r=admini/admin/ownerUpdate to modify a user account.

Type:

CWE-352

(Cross-Site Request Forgery (CSRF))

Vendor: Bagesoft
Product: Bagecms 
Version: 3.1.3;

CVSS2 => (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
9.3/10
10/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete

 References:
https://github.com/bagesoft/bagecms/issues/4

Related CVE
CVE-2019-8421
upload/protected/modules/admini/views/post/index.php in BageCMS through 3.1.4 allows SQL Injection via the title or titleAlias parameter.
CVE-2018-19104
In BageCMS 3.1.3, upload/index.php has a CSRF vulnerability that can be used to upload arbitrary files and get server privileges.
CVE-2018-18258
An issue was discovered in BageCMS 3.1.3. The attacker can execute arbitrary PHP code on the web server and can read any file on the web server via an index.php?r=admini/template/updateTpl&filename= URI.
CVE-2018-18257
An issue was discovered in BageCMS 3.1.3. An attacker can delete any files and folders on the web server via an index.php?r=admini/template/batch&command=deleteFile&fileName= or index.php?r=admini/template/batch&command=deleteFolder&folderName=../ di...
CVE-2018-14582
index.php?r=admini/admin/create in BageCMS V3.1.3 allows CSRF to add a background administrator account.

Copyright 2019, cxsecurity.com

 

Back to Top