CVE-2018-19224

HIGH

LAOBANCMS 2.0 - CSRF

Title source: llm

An issue was discovered in LAOBANCMS 2.0. /admin/login.php allows spoofing of the id and guanliyuan cookies.

CVSS v3 7.5

EPSS 0.0024

EPSS Percentile 46.7%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE

CWE-565

Status published

Products (1)

laobancms/laobancms 2.0

Published Nov 12, 2018

Tracked Since Feb 18, 2026