Ignitedcms

ignitedcms

Vendor: Ignitedcms • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-18694 1Ignitedcms 1Ignitedcms Jun 17, 2026 Aug 6, 2021 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Cross Site Request Forgery (CSRF) in IgnitedCMS v1.0 allows remote attackers to obtain sensitive information and gain privilege via the component "/admin/profile/save_profile".
CVE-2019-13370 1Ignitedcms 1Ignitedcms Jun 17, 2026 Jul 6, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 index.php/admin/permissions in Ignited CMS through 2017-02-19 allows CSRF to add an administrator.
CVE-2018-15203 1Ignitedcms 1Ignitedcms Nov 21, 2024 Aug 8, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in Ignited CMS through 2017-02-19. ign/index.php/admin/pages/add_page allows a CSRF attack to add pages.