VYPR
Vendor

ignitedcms

Products
1
CVEs
3
Across products
3
Status
Private

Products

1

Recent CVEs

3
  • CVE-2020-18694HigAug 6, 2021
    risk 0.57cvss 8.8epss 0.01

    Cross Site Request Forgery (CSRF) in IgnitedCMS v1.0 allows remote attackers to obtain sensitive information and gain privilege via the component "/admin/profile/save_profile".

  • CVE-2019-13370HigJul 6, 2019
    risk 0.57cvss 8.8epss 0.01

    index.php/admin/permissions in Ignited CMS through 2017-02-19 allows CSRF to add an administrator.

  • CVE-2018-15203MedAug 8, 2018
    risk 0.42cvss 6.5epss 0.00

    An issue was discovered in Ignited CMS through 2017-02-19. ign/index.php/admin/pages/add_page allows a CSRF attack to add pages.