CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-48914
https://notcve.org/view.php?id=CVE-2023-48914
Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/archives/add. Se descubrió que Dreamer CMS v4.1.3 contenía Cross-Site Request Forgery (CSRF) a través del componente /admin/archives/add. • https://github.com/Tiamat-ron/cms/blob/main/There%20is%20a%20csrf%20in%20the%20newly%20added%20section%20of%20article%20management.md • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-48017
https://notcve.org/view.php?id=CVE-2023-48017
Dreamer_cms 4.1.3 is vulnerable to Cross Site Request Forgery (CSRF) via Add permissions to CSRF in Permission Management. Dreamer_cms 4.1.3 es vulnerable a Cross Site Request Forgery (CSRF) a través de Agregar permisos a CSRF en Gestión de Permisos. • https://github.com/moonsabc123/dreamer_cms/blob/main/Add%20permissions%20to%20CSRF%20in%20Permission%20Management.md • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-48020
https://notcve.org/view.php?id=CVE-2023-48020
Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/task/changeStatus. Se descubrió que Dreamer CMS v4.1.3 contiene una vulnerabilidad de Cross-Site Request Forgery (CSRF) a través de /admin/task/changeStatus. • https://github.com/moonsabc123/dreamer_cms/blob/main/Enable%20CSRF%20for%20Task%20Management%20Office.md • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-48021
https://notcve.org/view.php?id=CVE-2023-48021
Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/task/update. Se descubrió que Dreamer CMS v4.1.3 contiene una vulnerabilidad de Cross-Site Request Forgery (CSRF) a través de /admin/task/update. • https://github.com/moonsabc123/dreamer_cms/blob/main/There%20is%20a%20CSRF%20in%20the%20task%20management%20editing%20task%20area.md • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1CVE-2023-48063
https://notcve.org/view.php?id=CVE-2023-48063
An issue was discovered in dreamer_cms 4.1.3. There is a CSRF vulnerability that can delete a theme project via /admin/category/delete. Se descubrió un problema en dreamer_cms 4.1.3. Existe una vulnerabilidad CSRF que puede eliminar un proyecto de tema a través de /admin/category/delete. • https://github.com/CP1379767017/cms/blob/dreamcms_vul/There%20is%20a%20CSRF%20vulnerability%20at%20th%20menu%20management%20location.md • CWE-352: Cross-Site Request Forgery (CSRF) •