CVE-2018-10030
published 2018-04-11CVE-2018-10030: CMS Made Simple (aka CMSMS) 2.2.7 has CSRF in admin/siteprefs.php.
PriorityP432high8.8CVSS 3.0
AVNACLPRNUIRSUCHIHAH
EPSS
0.49%
38.6th percentile
CMS Made Simple (aka CMSMS) 2.2.7 has CSRF in admin/siteprefs.php.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cmsmadesimple | cms_made_simple | <= 2.2.7 | — |
CVSS provenance
nvdv3.08.8HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
osv8.1HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
slurm-llnl vulnerabilities
osv·2023-02-01·CVSS 8.1
CVE-2016-10030 slurm-llnl vulnerabilities
slurm-llnl vulnerabilities
USN-4781-1 fixed several vulnerabilities in Slurm. This update provides
the corresponding updates for Ubuntu 14.04 ESM (CVE-2016-10030) and
Ubuntu 16.04 ESM (CVE-2018-10995).
Original advisory details:
It was discovered that Slurm incorrectly handled certain messages
between the daemon and the user. An attacker could possibly use this
issue to assume control of an arbitrary file on the system. This
issue only affected Ubuntu 16.04 ESM.
(CVE-2016-10030)
It was discovered that Slurm mishandled SPANK environment variables.
An attacker could possibly use this issue to gain elevated privileges.
This issue only affected Ubuntu 16.04 ESM. (CVE-2017-15566)
It was discovered that Slurm mishandled certain SQL queries. A local
attacker could use this issue to gain elev
OSV
slurm-llnl vulnerabilities
osv·2022-05-25·CVSS 8.1
CVE-2016-10030 slurm-llnl vulnerabilities
slurm-llnl vulnerabilities
It was discovered that Slurm incorrectly handled certain messages
between the daemon and the user. An attacker could possibly use this
issue to assume control of an arbitrary file on the system. This
issue only affected Ubuntu 16.04 ESM.
(CVE-2016-10030)
It was discovered that Slurm mishandled SPANK environment variables.
An attacker could possibly use this issue to gain elevated privileges.
This issue only affected Ubuntu 16.04 ESM. (CVE-2017-15566)
It was discovered that Slurm mishandled certain SQL queries. A local
attacker could use this issue to gain elevated privileges. This
issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and
Ubuntu 18.04 ESM. (CVE-2018-7033)
It was discovered that Slurm mishandled user names and group ids. A local
attacker could
GHSA
GHSA-c7m5-9695-pwwr: CMS Made Simple (aka CMSMS) 2
ghsa_unreviewed·2022-05-14
CVE-2018-10030 [HIGH] CWE-352 GHSA-c7m5-9695-pwwr: CMS Made Simple (aka CMSMS) 2
CMS Made Simple (aka CMSMS) 2.2.7 has CSRF in admin/siteprefs.php.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2018-04-11
Published