Catfish-cms - Catfish Cms CVE

Filtered by vendor Catfish-cms Subscribe

Filtered by product Catfish Cms

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-45017	1 Catfish-cms	1 Catfish Cms	2021-12-20	6.8 MEDIUM	8.8 HIGH
Cross Site Request Forgery (CSRF) vulnerability exits in Catfish <=6.1.* when you upload an html file containing CSRF on the website that uses a google editor; you can specify the menu url address as your malicious url address in the Add Menu column.
CVE-2018-18734	1 Catfish-cms	1 Catfish Cms	2018-11-13	6.8 MEDIUM	8.8 HIGH
A CSRF issue was discovered in admin/Index/addmanageuser.html in Catfish CMS 4.8.30.

Vulnerabilities (CVE)