CVE-2019-7738
MEDIUMC.P.Sub < 5.3 - Cross-Site Request Forgery via manage.php Article Deletion
Title source: llmDescription
C.P.Sub before 5.3 allows CSRF via a manage.php?p=article_del&id= URI.
References (2)
Core 2
Core References
Exploit, Third Party Advisory x_refsource_misc
https://github.com/cooltey/C.P.Sub/issues/3
Patch, Third Party Advisory x_refsource_misc
https://github.com/cooltey/C.P.Sub/commit/b2be52fd89b6fd4d69d63d504bc11742cd679ebe
Scores
CVSS v3
6.5
EPSS
0.0061
EPSS Percentile
44.8%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Details
CWE
CWE-352
Status
published
Products (1)
c.p.sub_project/c.p.sub
< 5.3
Published
Feb 11, 2019
Tracked Since
Feb 18, 2026