Dingfanzu Cms

dingfanzu_cms

Vendor: Timgreen • 6 CVEs

CVEs (6)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-50966 1Timgreen 1Dingfanzu Cms May 28, 2025 Nov 8, 2024 N/A· v4 9.3 CRITICAL· v3 N/A· v2 dingfanzu CMS V1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/doAdminAction.php?act=addAdmin.
CVE-2024-48291 1Timgreen 1Dingfanzu Cms May 27, 2025 Oct 28, 2024 N/A· v4 6.3 MEDIUM· v3 N/A· v2 dingfanzu CMS 1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/doAdminAction.php?act=editAdmin&id=17
CVE-2024-48191 1Timgreen 1Dingfanzu Cms May 27, 2025 Oct 28, 2024 N/A· v4 6.3 MEDIUM· v3 N/A· v2 dingfanzu CMS 1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/doAdminAction.php?act=delAdmin&id=17
CVE-2024-48758 1Timgreen 1Dingfanzu Cms May 27, 2025 Oct 16, 2024 N/A· v4 6.1 MEDIUM· v3 N/A· v2 dingfanzu CMS V1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the addPro parameter of the component doAdminAction.php which allows a remote attacker to execute arbitrary code
CVE-2024-46600 1Timgreen 1Dingfanzu Cms May 27, 2025 Sep 25, 2024 N/A· v4 4.7 MEDIUM· v3 N/A· v2 dingfanzu CMS 1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/doAdminAction.php?act=delCate&id=31
CVE-2024-46485 1Timgreen 1Dingfanzu Cms May 27, 2025 Sep 25, 2024 N/A· v4 6.3 MEDIUM· v3 N/A· v2 dingfanzu CMS 1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/doAdminAction.php?act=addCate