CVE-2018-19829

MEDIUM

Artica Integria IMS 5.0.83 - Cross-Site Request Forgery in User List Management

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-19829. PoCs published by Javier Olmedo.

AI-analyzed exploit summary This exploit demonstrates a Cross-Site Request Forgery (CSRF) vulnerability in Integria IMS 5.0.83, allowing an attacker to delete users via crafted GET or POST requests. The PoC includes methods to trick victims into executing the malicious requests.

Description

Artica Integria IMS 5.0.83 has CSRF in godmode/usuarios/lista_usuarios, resulting in the ability to delete an arbitrary user when the ID number is known.

Exploits (1)

exploitdb WORKING POC

by Javier Olmedo · htmlwebappsphp

https://www.exploit-db.com/exploits/46013

View Code ZIP pw:eip

This exploit demonstrates a Cross-Site Request Forgery (CSRF) vulnerability in Integria IMS 5.0.83, allowing an attacker to delete users via crafted GET or POST requests. The PoC includes methods to trick victims into executing the malicious requests.

Classification

Working Poc 100%

Attack Type

Other

Complexity

Trivial

Reliability

Reliable

Target: Integria IMS 5.0.83 and possibly before

No auth needed

Prerequisites: Victim must be authenticated and tricked into clicking a malicious link or submitting a form

MITRE ATT&CK

T1189 - Drive-by Compromise

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Exploit, Third Party Advisory x_refsource_misc

https://hackpuntes.com/cve-2018-19829-integria-ims-5-0-83-cross-site-request-forgery/

Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/46013/

Scores

CVSS v3 6.5

EPSS 0.0032

EPSS Percentile 55.6%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Details

CWE

CWE-352

Status published

Products (1)

artica/integria_ims 5.0.83

Published Dec 18, 2018

Tracked Since Feb 18, 2026