Vulners
Lucene search
| Reporter | Title | Published | Views | Family All 11 |
|---|---|---|---|---|
 | Axous 1.1.1 Multiple Vulnerabilities (CSRF - Persistent XSS) | 15 May 201200:00 | – | zdt |
 | CVE-2012-2629 | 16 May 201200:00 | – | circl |
 | Axous has multiple vulnerabilities | 20 Feb 202000:00 | – | cnvd |
 | CVE-2012-2629 | 20 Feb 202003:46 | – | cvelist |
 | Axous 1.1.1 - Cross-Site Request Forgery / Persistent Cross-Site Scripting | 16 May 201200:00 | – | exploitdb |
 | EUVD-2012-2615 | 7 Oct 202500:30 | – | euvd |
 | Axous 1.1.1 - Cross-Site Request Forgery Persistent Cross-Site Scripting | 16 May 201200:00 | – | exploitpack |
 | CVE-2012-2629 | 20 Feb 202004:15 | – | nvd |
 | Axous 1.1.1 Cross Site Request Forgery / Cross Site Scripting | 15 May 201200:00 | – | packetstorm |
 | Cross site scripting | 20 Feb 202004:15 | – | prion |
10
| Source | Link |
|---|---|
| packetstormsecurity | www.packetstormsecurity.com/files/112748/Axous-1.1.1-Cross-Site-Request-Forgery-Cross-Site-Scripting.html |
| exploit-db | www.exploit-db.com/exploits/18886 |
| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| user_name | request body | admin/administrators_add.php | CSRF vulnerability enabling addition of a new administrator | CWE-352 |
| new_passwd | request body | admin/administrators_add.php | CSRF vulnerability enabling addition of a new administrator | CWE-352 |
| new_passwd1 | request body | admin/administrators_add.php | CSRF vulnerability enabling addition of a new administrator | CWE-352 |
| request body | admin/administrators_add.php | CSRF vulnerability enabling addition of a new administrator | CWE-352 | |
| dosubmit | request body | admin/administrators_add.php | CSRF vulnerability enabling addition of a new administrator | CWE-352 |
| id | request body | admin/administrators_add.php | CSRF vulnerability enabling addition of a new administrator | CWE-352 |
| action | request body | admin/administrators_add.php | CSRF vulnerability enabling addition of a new administrator | CWE-352 |
| page_title | request body | admin/content_pages_edit.php | Persistent XSS via page_title parameter | CWE-352 |
| category_name[1] | request body | admin/products_category.php | Persistent XSS via category_name[1] parameter | CWE-352 |
| site_name | request body | admin/settings_siteinfo.php | Persistent XSS via site info fields site_name/seo_title/meta_keywords | CWE-352 |
10
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
21 Nov 2024 01:39Current
8.5High risk
Vulners AI Score8.5
CVSS 26.8
CVSS 3.18.8
EPSS0.0069