CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-18220

Sitemagic CMS 4.4.1 is affected by a Cross-Site-Request-Forgery (CSRF) issue as it doesn't implement any method to validate incoming requests, allowing the execution of critical functionalities via spoofed requests. This behavior could be abused by a remote unauthenticated attacker to trick Sitemagic users into performing unwarranted actions.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 67.0%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.8

References

https://github.com/Jemt/SitemagicCMS/blob/master/changelog.txt
https://vuldb.com/?id.144008
https://github.com/Jemt/SitemagicCMS/blob/master/changelog.txt
https://vuldb.com/?id.144008

Products affected by CVE-2019-18220

Sitemagic » Sitemagic » Version: 4.4.1

cpe:2.3:a:sitemagic:sitemagic:4.4.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-18220

Products

Pricing

Contact Us