Lucene search
China National Vulnerability DatabaseCNVD-2023-95715HistoryDec 04, 2023 - 12:00 a.m.
Dreamer CMS Cross-Site Request Forgery Vulnerability (CNVD-2023-9571566)
2023-12-0400:00:00
China National Vulnerability Database
www.cnvd.org.cn
9
dreamer cms
cross-site request forgery
junnan wang
china
vulnerability
/admin/archives/add
Dreamer CMS is a dreamer content management system by Junnan Wang, an individual developer in China. A cross-site request forgery vulnerability exists in Dreamer CMS version v4.1.3, which originates from a failure to adequately validate whether a request is from a trusted user in the component /admin/archives/add, and can be exploited by an attacker to forge a malicious request to trick a victim into clicking on it to perform a sensitive operation.
| CPE | Name | Operator | Version |
|---|---|---|---|
| dreamer cms dreamer cms v | eq | 4.1.3 |
Related
prion
prion
Cross site request forgery (csrf)
2023-11-30 14:15:00
nvd
nvd
CVE-2023-48914
2023-11-30 14:15:11
cve
cve
CVE-2023-48914
2023-11-30 14:15:11
osv
osv
CVE-2023-48914
2023-11-30 14:15:11
cvelist
cvelist
CVE-2023-48914
2023-11-30 00:00:00