Vulnerability Details CVE-2018-15846
An issue was discovered in fledrCMS through 2014-02-03. There is a CSRF vulnerability that can change the administrator's password via index.php?p=done&savedata=1.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 33.8%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.8
References
Products affected by CVE-2018-15846
-
cpe:2.3:a:fledrcms_project:fledrcms:2013-11-04
-
cpe:2.3:a:fledrcms_project:fledrcms:2013-11-05
-
cpe:2.3:a:fledrcms_project:fledrcms:2013-11-06
-
cpe:2.3:a:fledrcms_project:fledrcms:2013-11-12
-
cpe:2.3:a:fledrcms_project:fledrcms:2013-11-13
-
cpe:2.3:a:fledrcms_project:fledrcms:2013-11-18
-
cpe:2.3:a:fledrcms_project:fledrcms:2013-11-25
-
cpe:2.3:a:fledrcms_project:fledrcms:2013-11-26
-
cpe:2.3:a:fledrcms_project:fledrcms:2013-12-03
-
cpe:2.3:a:fledrcms_project:fledrcms:2013-12-07
-
cpe:2.3:a:fledrcms_project:fledrcms:2013-12-09
-
cpe:2.3:a:fledrcms_project:fledrcms:2013-12-10
-
cpe:2.3:a:fledrcms_project:fledrcms:2013-12-18
-
cpe:2.3:a:fledrcms_project:fledrcms:2014-01-07
-
cpe:2.3:a:fledrcms_project:fledrcms:2014-01-28
-
cpe:2.3:a:fledrcms_project:fledrcms:2014-02-03