Ignitedcms: Security Vulnerabilities
Cross Site Request Forgery (CSRF) in IgnitedCMS v1.0 allows remote attackers to obtain sensitive information and gain privilege via the component "/admin/profile/save_profile".
CVSS Score
8.8
EPSS Score
0.004
Published
2021-08-06
index.php/admin/permissions in Ignited CMS through 2017-02-19 allows CSRF to add an administrator.
CVSS Score
8.8
EPSS Score
0.001
Published
2019-07-06
An issue was discovered in Ignited CMS through 2017-02-19. ign/index.php/admin/pages/add_page allows a CSRF attack to add pages.
CVSS Score
6.5
EPSS Score
0.002
Published
2018-08-08