CVE-2024-7106

Severity CVSS v4.0:
Pending analysis
Type:
CWE-352 Cross-Site Request Forgery (CSRF)
Publication date:
25/07/2024
Last modified:
13/08/2024

Description

A vulnerability classified as problematic was found in Spina CMS 2.18.0. Affected by this vulnerability is an unknown functionality of the file /admin/media_folders. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-272431. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:denkgroot:spina:*:*:*:*:*:*:*:* 2.18.0 (including)