Search
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-25915 | 1 Thinkcmf | 1 Thinkcmf | 2023-08-16 | N/A | 5.4 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in UserController.php in ThinkCMF version 5.1.5, allows attackers to execute arbitrary code via crafted user_login. | |||||
| CVE-2021-40616 | 1 Thinkcmf | 1 Thinkcmf | 2023-08-08 | 4.0 MEDIUM | 6.5 MEDIUM |
| thinkcmf v5.1.7 has an unauthorized vulnerability. The attacker can modify the password of the administrator account with id 1 through the background user management group permissions. The use condition is that the background user management group authority is required. | |||||
| CVE-2020-18151 | 1 Thinkcmf | 1 Thinkcmf | 2021-07-22 | 4.3 MEDIUM | 6.5 MEDIUM |
| Cross Site Request Forgerly (CSRF) vulnerability in ThinkCMF v5.1.0, which can add an admin account. | |||||