Lucene search
HistoryFeb 24, 2012 - 1:55 p.m.
CVE-2012-0997
cve-2012-0997
csrf
vulnerability
admin/index.php
11in1
hijack authentication
addtopic action
7.1 High
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
52.1%
Cross-site request forgery (CSRF) vulnerability in admin/index.php in 11in1 1.2.1 stable 12-31-2011 allows remote attackers to hijack the authentication of administrators for requests that add new topics via an addTopic action.
| CPE | Name | Operator | Version |
|---|---|---|---|
| 11in1:11in1 | 11in1 | eq | 1.2.1 |
References
Related
cvelist
cvelist
CVE-2012-0997
2022-10-03 16:15:40
prion
prion
Cross site request forgery (csrf)
2012-02-24 13:55:00
packetstorm
packetstorm
securityvulns
securityvulns
Multiple vulnerabilities in 11in1
2012-02-22 00:00:00
htbridge
htbridge
Multiple vulnerabilities in 11in1
2012-01-25 00:00:00
openvas
openvas
11in1 Cross Site Request Forgery and Local File Include Vulnerabilities
2012-02-16 00:00:00
11in1 Cross Site Request Forgery and Local File Include Vulnerabilities
2012-02-16 00:00:00
7.1 High
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
52.1%
Related for CVE-2012-0997