CVE-2016-7904 in CMS Made Simpleinfo

Summary

Cross-site request forgery (CSRF) vulnerability in CMS Made Simple before 2.1.6 allows remote attackers to hijack the authentication of administrators for requests that create accounts via an admin/adduser.php request.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

09/09/2016

Disclosure

01/16/2017

Moderation

VulDB entry created

Entries

VDB-95358 (1)

CPE

ready

CWE

CWE-352 (Confirmed)

CVSS

6.1

EPSS

0.00303

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-7904
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-7904
CVE Details	https://www.cvedetails.com/cve/CVE-2016-7904/

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!