Aggregates CVE and security vulnerability intelligence across all srcms_project-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk csrf and related security problems, affecting vendor surface production workloads and vendor surface software deployment scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2018-19319 | SRCMS 3.0.0 allows CSRF via admin.php?m=Admin&c=gifts&a=update to change goods prices with the super administrator's privileges. | [email protected] | 6.5 | 0.06% | 2018-11-16 | 2024-11-21 |
| CVE-2018-19318 | SRCMS 3.0.0 allows CSRF via admin.php?m=Admin&c=manager&a=update to change the username and password of the super administrator account. | [email protected] | 8.8 | 0.14% | 2018-11-16 | 2024-11-21 |
| CVE-2018-14069 | An issue was discovered in SRCMS V2.3.1. There is a CSRF vulnerability that can add a user account via admin.php?m=Admin&c=member&a=add. | [email protected] | 8.8 | 0.07% | 2018-07-15 | 2024-11-21 |
| CVE-2018-14068 | An issue was discovered in SRCMS V2.3.1. There is a CSRF vulnerability that can add an admin account via admin.php?m=Admin&c=manager&a=add. | [email protected] | 8.8 | 0.14% | 2018-07-15 | 2024-11-21 |