Search...

CVE-2009-4826

2010-04-27T11:30:01

ID CVE-2009-4826
Type cve
Reporter NVD
Modified 2010-05-24T00:00:00

Description

Cross-site request forgery (CSRF) vulnerability in hosting/admin_ac.php in ScriptsEz Mini Hosting Panel allows remote attackers to hijack the authentication of administrators for requests that alter administrative settings via a cp action.

JSON Vulners Source

Initial Source

{"viewCount": 0, "lastseen": "2016-09-03T13:17:49", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "type": "cve", "description": "Cross-site request forgery (CSRF) vulnerability in hosting/admin_ac.php in ScriptsEz Mini Hosting Panel allows remote attackers to hijack the authentication of administrators for requests that alter administrative settings via a cp action.", "assessment": {"name": "", "system": "", "href": ""}, "reporter": "NVD", "published": "2010-04-27T11:30:01", "history": [], "title": "CVE-2009-4826", "cpe": ["cpe:/a:scriptsez:mini_hosting_panel"], "bulletinFamily": "NVD", "edition": 1, "scanner": [], "id": "CVE-2009-4826", "cvelist": ["CVE-2009-4826"], "hash": "b4de52321b8d4b723592d8f24a694943a224749e849c0dee997ab045c86c5499", "modified": "2010-05-24T00:00:00", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4826", "objectVersion": "1.2", "references": ["http://www.exploit-db.com/exploits/10444", "http://www.vupen.com/english/advisories/2009/3525"], "enchantments": {"vulnersScore": 6.8}}

{"result": {"exploitdb": [{"id": "EDB-ID:10444", "type": "exploitdb", "title": "mini Hosting Panel - CSRF Change Admin Settings", "description": "mini Hosting Panel XSRF Change Admin Settings. CVE-2009-4826. Webapps exploit for php platform", "published": "2009-12-14T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.exploit-db.com/exploits/10444/", "cvelist": ["CVE-2009-4826"], "lastseen": "2016-02-01T12:30:44"}]}}