ysuzhangbin - Security Researcher - Exploit Intelligence Platform

CVE-2023-49446 WRITEUP HIGH WORKING POC

JFinalCMS 5.0.0 - Cross-Site Request Forgery via /admin/nav/save

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/nav/save.

CVSS 8.8

View Code

CVE-2023-49447 WRITEUP HIGH WORKING POC

JFinalCMS 5.0.0 - Cross-Site Request Forgery via Navigation Update Endpoint

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/nav/update.

CVSS 8.8

View Code

CVE-2023-49448 WRITEUP HIGH WORKING POC

JFinalCMS 5.0.0 - Cross-Site Request Forgery via Navigation Management Delete Endpoint

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via admin/nav/delete.

CVSS 8.8

View Code

CVE-2024-22591 WRITEUP HIGH WORKING POC

FlyCms v1.0 - Cross-Site Request Forgery via /system/user/group_save

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/user/group_save.

CVSS 8.8

View Code

CVE-2024-22592 WRITEUP HIGH WORKING POC

FlyCms v1.0 - Cross-Site Request Forgery via /system/user/group_update

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/user/group_update

CVSS 8.8

View Code

CVE-2024-22593 WRITEUP HIGH WORKING POC

FlyCms v1.0 - Cross-Site Request Forgery via /system/admin/add_group_save

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/admin/add_group_save

CVSS 8.8

View Code