An issue was discovered in DamiCMS 6.0.0. There is a CSRF vulnerability that can change the administrator account's password via /admin.php?s=/Admin/doedit.
                
References

| Link | Resource |
|---|---|
| https://github.com/Vict00r/poc/issues/1 | Third Party Advisory | 
| https://www.exploit-db.com/exploits/45314/ | Third Party Advisory VDB Entry | 

History
No history.

Information
Published : 2018-08-25 21:29
Updated : 2024-11-21 03:51
NVD link : CVE-2018-15844
Mitre link : CVE-2018-15844
CVE.ORG link : CVE-2018-15844

Products Affected
- damicms

CWE
CWE-352: Cross-Site Request Forgery (CSRF)
