An issue was discovered in WTCMS 1.0. It allows index.php?g=admin&m=setting&a=site_post CSRF.
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HWtcms Project Wtcms
APPWtcms Project1.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
Related vulnerabilities
CVE-2024-48237CRITICAL9.8PL ✓ten sam produkt
WTCMS 1.0 — błędna kontrola dostępu w HomebaseController
CVE-2019-8908CRITICAL9.8ten sam produkt
An issue was discovered in WTCMS 1.0. It allows remote attackers to execute arbitrary PHP code by going to the...
CVE-2019-8909HIGH7.5ten sam produkt
An issue was discovered in WTCMS 1.0. It allows remote attackers to cause a denial of service (resource consum...
CVE-2018-10267HIGH8.8ten sam produkt
WTCMS 1.0 has a CSRF vulnerability to add an administrator account via the index.php?admin&m=user&a=add_post U...
CVE-2025-13782MEDIUM5.5ten sam produkt
A vulnerability was identified in taosir WTCMS up to 01a5f68a3dfc2fdddb44eed967bb2d4f60487665. Affected by thi...