Lucene search

[email protected]CVE-2011-0643

HistoryJan 25, 2011 - 7:00 p.m.

CVE-2011-0643

2011-01-2519:00:06

CWE-352

[email protected]

web.nvd.nist.gov

cve-2011-0643

cross-site request forgery

csrf

admin

php link directory

phpld 4.1.0

vulnerability

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

77.1%

JSON

Cross-site request forgery (CSRF) vulnerability in admin/conf_users_edit.php in PHP Link Directory (phpLD) 4.1.0 allows remote attackers to hijack the authentication of administrators for requests that add an administrator via the N action.

Affected configurations

NVD

Node

phplinkdirectoryphp_link_directoryMatch4.1.0

CPENameOperatorVersion
phplinkdirectory:php_link_directoryphplinkdirectory php link directoryeq4.1.0

CPE	Name	Operator	Version
phplinkdirectory:php_link_directory	phplinkdirectory php link directory	eq	4.1.0

References

osvdb.org/70627

secunia.com/advisories/43032

www.exploit-db.com/exploits/16037

exchange.xforce.ibmcloud.com/vulnerabilities/64860

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

77.1%

JSON

Related for CVE-2011-0643

prion1 cvelist1 nvd1