Description

Cross Site Request Forgery (CSRF) in Simple-Log v1.6 allows remote attackers to gain privilege and execute arbitrary code via the component "Simple-Log/admin/admin.php?act=act_add_member".

Related CPE's

a

simple-log_project

simple-log

1.6

Vulnerable

References

https://github.com/github123abc123/bird/issues/1

ExploitThird Party Advisory

https://github.com/github123abc123/bird/issues/1

ExploitThird Party Advisory

Weaknesses

[email protected]

Primary
CWE-352

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.8 · High

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2021-06-07T17:15:07.520Z

4 years ago

Last modified

2024-11-21T04:08:30.967Z

1 year ago