CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 2CVE-2018-19829 – Integria IMS 5.0.83 - Cross-Site Request Forgery
https://notcve.org/view.php?id=CVE-2018-19829
Artica Integria IMS 5.0.83 has CSRF in godmode/usuarios/lista_usuarios, resulting in the ability to delete an arbitrary user when the ID number is known. Artica Integria IMS 5.0.83 tiene Cross-Site Request Forgery (CSRF) en godmode/usuarios/lista_usuarios, lo que resulta en la capacidad de eliminar un usuario arbitrario cuando se conoce el número de ID. Integria IMS version 5.0.83 suffers from a cross site request forgery vulnerability. • https://www.exploit-db.com/exploits/46013 https://hackpuntes.com/cve-2018-19829-integria-ims-5-0-83-cross-site-request-forgery • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2CVE-2018-19828 – Integria IMS 5.0.83 - 'search_string' Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2018-19828
Artica Integria IMS 5.0.83 has XSS via the search_string parameter. Artica Integria IMS 5.0.83 tiene Cross-Site Scripting (XSS) mediante el parámetro search_string. Integria IMS version 5.0.83 suffers from a cross site scripting vulnerability. • https://www.exploit-db.com/exploits/46012 https://hackpuntes.com/cve-2018-19828-integria-ims-5-0-83-cross-site-scripting-reflejado • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •