Vulnerabilities > Creditwestbank > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-03-24 CVE-2018-8972 Cross-Site Request Forgery (CSRF) vulnerability in Creditwestbank Cwcms
Creditwest Bank CMS Project (aka CWCMS) through 2017-07-28 has CSRF in the functionality for updating the site configuration, which allows remote attackers to inject arbitrary PHP code, as demonstrated by a PHP shell that calls eval on request parameters.
6.8