xichao

2 exploits Active since Jun 2018

CVE-2018-11671 EXPLOITDB HIGH html WORKING POC

GreenCMS v2.3.0603 - Cross-Site Request Forgery via Admin User Addition

An issue was discovered in GreenCMS v2.3.0603. There is a CSRF vulnerability that can add an admin account via index.php?m=admin&c=access&a=adduserhandle.

CVSS 8.8

View Code

CVE-2018-11670 EXPLOITDB HIGH html WORKING POC

GreenCMS v2.3.0603 - Cross-Site Request Forgery via Media File Connect

An issue was discovered in GreenCMS v2.3.0603. There is a CSRF vulnerability that allows attackers to execute arbitrary PHP code via the content parameter to index.php?m=admin&c=media&a=fileconnect.

CVSS 8.8

View Code