Timgreen

timgreen

8 CVEs • 2 products

Products (2)

Click to collapse

Toggle

CVEs (8)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-50650 1Timgreen 1Python Book Jun 17, 2025 Nov 15, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 python_book V1.0 is vulnerable to Incorrect Access Control, which allows attackers to obtain sensitive information of users with different IDs by modifying the ID parameter.
CVE-2024-50649 1Timgreen 1Python Book Jun 17, 2025 Nov 15, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 The user avatar upload function in python_book V1.0 has an arbitrary file upload vulnerability.
CVE-2024-50966 1Timgreen 1Dingfanzu Cms May 28, 2025 Nov 8, 2024 N/A· v4 9.3 CRITICAL· v3 N/A· v2 dingfanzu CMS V1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/doAdminAction.php?act=addAdmin.
CVE-2024-48291 1Timgreen 1Dingfanzu Cms May 27, 2025 Oct 28, 2024 N/A· v4 6.3 MEDIUM· v3 N/A· v2 dingfanzu CMS 1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/doAdminAction.php?act=editAdmin&id=17
CVE-2024-48191 1Timgreen 1Dingfanzu Cms May 27, 2025 Oct 28, 2024 N/A· v4 6.3 MEDIUM· v3 N/A· v2 dingfanzu CMS 1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/doAdminAction.php?act=delAdmin&id=17
CVE-2024-48758 1Timgreen 1Dingfanzu Cms May 27, 2025 Oct 16, 2024 N/A· v4 6.1 MEDIUM· v3 N/A· v2 dingfanzu CMS V1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the addPro parameter of the component doAdminAction.php which allows a remote attacker to execute arbitrary code
CVE-2024-46600 1Timgreen 1Dingfanzu Cms May 27, 2025 Sep 25, 2024 N/A· v4 4.7 MEDIUM· v3 N/A· v2 dingfanzu CMS 1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/doAdminAction.php?act=delCate&id=31
CVE-2024-46485 1Timgreen 1Dingfanzu Cms May 27, 2025 Sep 25, 2024 N/A· v4 6.3 MEDIUM· v3 N/A· v2 dingfanzu CMS 1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/doAdminAction.php?act=addCate