CVE-2017-8382
MEDIUMAdmidio < 4.1-Beta.1 - CSRF
Title source: ruleDescription
admidio 3.2.8 has CSRF in adm_program/modules/members/members_function.php with an impact of deleting arbitrary user accounts.
Exploits (2)
nomisec
WRITEUP
3 stars
by faizzaidi · poc
https://github.com/faizzaidi/Admidio-3.2.8-CSRF-POC-by-Provensec-llc
exploitdb
WORKING POC
VERIFIED
by Faiz Ahmed Zaidi · textwebappsphp
https://www.exploit-db.com/exploits/42005
Scores
CVSS v3
4.5
EPSS
0.0065
EPSS Percentile
70.5%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
Details
CWE
CWE-352
Status
published
Products (3)
admidio/admidio
admidio/admidio
< 4.1-Beta.1Packagist
n/a/n/a
Published
May 16, 2017
Tracked Since
Feb 18, 2026