CyberSec.Space Logo
Back to CVE Browser

CVE-2018-19829

MEDIUM
6.5
CVSS Severity Score
EPSS Score0.1980%
EPSS Percentile40.20th
PublishedDec 18, 2018
Last ModifiedNov 21, 2024

Vulnerability Description

Artica Integria IMS 5.0.83 has CSRF in godmode/usuarios/lista_usuarios, resulting in the ability to delete an arbitrary user when the ID number is known.

Affected Platforms (CPE)

πŸ“¦
Artica

Integria Ims

= 5.0.83

References & Advisories

πŸ”— https://hackpuntes.com/cve-2018-19829-integria-ims-5-0-83-cross-site-request-forgery/
πŸ”— https://www.exploit-db.com/exploits/46013/
πŸ”— https://hackpuntes.com/cve-2018-19829-integria-ims-5-0-83-cross-site-request-forgery/
πŸ”— https://www.exploit-db.com/exploits/46013/

Related Vulnerabilities

CVE-2019-150919.8

filemgr.php in Artica Integria IMS 5.0.86 allows index.php?sec=wiki&sec2=operation/wiki/wiki&action=upload arbitrary file upload.

CVE-2021-38329.8

Integria IMS in its 5.0.92 version is vulnerable to a Remote Code Execution attack through file uploading. An unauthenticated atta...

CVE-2021-38339.8

Integria IMS login check uses a loose comparator ("==") to compare the MD5 hash of the password provided by the user and the MD5 h...

CVE-2018-10008128.1

Artica Integria IMS version 5.0 MR56 Package 58, likely earlier versions contains a CWE-640: Weak Password Recovery Mechanism for ...