CVE-2018-10249

EPSS 0.51% · P40 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2018-10249

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

baijiacms V3 has CSRF via index.php?mod=site&op=edituser&name=manager&do=user to add an administrator account.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

baijiacms 跨站请求伪造漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

baijiacms是一套用于电子商务的内容管理系统（CMS）。 baijiacms 3版本中存在跨站请求伪造漏洞。远程攻击者可借助index.php?mod=site&op=edituser&name=manager&do=user利用该漏洞添加管理员账户。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2018-10249

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2018-10249

请登录查看更多情报信息。

Security Blog Posts for CVE-2018-10249 (1)

https://crayon-xin.github.io/2018/04/20/baijiacmsV3-CSRF-add-admin/x_refsource_MISC

https://nvd.nist.gov/vuln/detail/CVE-2018-10249

Same Patch Batch · n/a · 2018-04-20 · 27 CVEs total

CVE-2018-9059		EFS Easy File Sharing Web Server 缓冲区错误漏洞
CVE-2018-10238		BACnet Protocol Stack 缓冲区错误漏洞
CVE-2018-10201		NComputing vSpace Pro NC Monitor Server 安全漏洞
CVE-2018-10248		WUZHI CMS 跨站请求伪造漏洞
CVE-2018-10245		AWStats 安全漏洞
CVE-2018-10250		iCMS 跨站脚本漏洞
CVE-2018-8826		多款ASUS产品安全漏洞
CVE-2014-6112		IBM Tivoli Identity Manager和Security Identity Manager 安全漏洞
CVE-2014-6111		IBM Tivoli Identity Manager和Security Identity Manager 安全漏洞
CVE-2014-6109		IBM Tivoli Identity Manager和Security Identity Manager 安全漏洞
CVE-2014-6108		IBM Tivoli Identity Manager和Security Identity Manager 安全漏洞
CVE-2014-4782		IBM InfoSphere BigInsights 安全漏洞
CVE-2014-10073		Psensor 路径遍历漏洞
CVE-2014-0900		Android 安全漏洞
CVE-2018-7747		WordPress Caldera Forms插件跨站脚本漏洞
CVE-2018-10176		Digital Guardian Management Console 路径遍历漏洞
CVE-2018-10175		Digital Guardian Management Console 安全漏洞
CVE-2018-10174		Digital Guardian Management Console 安全漏洞
CVE-2018-10173		Digital Guardian Management Console 安全漏洞
CVE-2018-10079		Geist WatchDog Console 安全漏洞

Showing top 20 of 27 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2018-10249

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2018-10249

I. Basic Information for CVE-2018-10249

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2018-10249

III. Intelligence Information for CVE-2018-10249

Security Blog Posts for CVE-2018-10249 (1)

Same Patch Batch · n/a · 2018-04-20 · 27 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2018-10249

Leave a comment