Vulnerabilities > Rpcms > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-13 | CVE-2022-41475 | Cross-Site Request Forgery (CSRF) vulnerability in Rpcms 3.0.2 RPCMS v3.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily add an administrator account. | 8.8 |
| 2021-07-26 | CVE-2021-37394 | Unspecified vulnerability in Rpcms In RPCMS v1.8 and below, attackers can interact with API and change variable "role" to "admin" to achieve admin user registration. | 8.8 |