CVE-2018-19376

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2018-19376

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-19376.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2018-19376

Published

2018-11-20T21:29:00.900Z

Modified

2025-11-14T08:13:38.635453Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N CVSS Calculator

Summary

[none]

Details

An issue was discovered in GreenCMS v2.3.0603. There is a CSRF vulnerability that allows attackers to delete a log file via the index.php?m=admin&c=data&a=clear URI.

References

https://github.com/GreenCMS/GreenCMS/issues/114

Affected packages

Git / github.com/greencms/greencms

Affected ranges

Type: GIT
Repo: https://github.com/greencms/greencms
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

c2f73d2e2b03d8a34b9132cb4a904acb75eb5e28

Affected versions

v2.*

v2.3.0101

v2.3.0215

v2.3.0603

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-19376.json"