CVE-2024-9282

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Sep 27, 2024

Updated: Oct 4, 2024

CWE ID 352

Summary

CVE-2024-9282 is a newly disclosed vulnerability affecting bg5sbk MiniCMS version 1.11. This issue, classified as problematic, impacts an unspecified function within the page-edit.php file. The vulnerability enables an attacker to carry out cross-site request forgery, which can be exploited remotely. The exploit has been made public, increasing the risk of potential attacks. The initial researcher advisory indicates that the vendor was contacted about this disclosure but failed to respond. Confusing version and file name information add to the complexity of addressing this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

MiniCMS

Advisories, Assessments, and Mitigations

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting

Know What Matters

For Customers

For Partners