rars/user/data in razorCMS 3.4.8 allows CSRF for changing the password of an admin user.
Max CVSS
8.8
EPSS Score
0.09%
Published
2018-10-05
Updated
2018-11-27
Cross-site request forgery (CSRF) vulnerability in admin/index.php in RazorCMS 1.2.1 and earlier allows remote attackers to hijack the authentication of administrators for requests that delete arbitrary web pages via a showcats action.
Max CVSS
6.8
EPSS Score
0.86%
Published
2012-10-22
Updated
2017-08-29
Cross-site request forgery (CSRF) vulnerability in razorCMS before 0.4 allows remote attackers to hijack the authentication of administrators for requests that create a web page containing PHP code.
Max CVSS
6.8
EPSS Score
0.36%
Published
2009-04-28
Updated
2017-08-17
3 vulnerabilities found