Lucene search
HistoryAug 19, 2013 - 1:07 p.m.
CVE-2013-4881
cve-2013-4881
csrf
vulnerability
bigtree cms
security
nvd
7 High
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
59.3%
Cross-site request forgery (CSRF) vulnerability in core/admin/modules/users/create.php in BigTree CMS 4.0 RC2 and earlier allows remote attackers to hijack the authentication of administrators for requests that create an administrative user via an add user action to index.php.
| CPE | Name | Operator | Version |
|---|---|---|---|
| bigtreecms:bigtree_cms | bigtreecms bigtree cms | eq | 4.0 |
Related
prion
prion
Cross site request forgery (csrf)
2013-08-19 13:07:00
exploitdb
exploitdb
BigTree CMS Cross Site Request Forgery Vulnerability
2013-07-17 00:00:00
BigTree CMS 4.0 RC2 - Multiple Vulnerabilities
2013-08-08 00:00:00
securityvulns
securityvulns
Multiple Vulnerabilities in BigTree CMS
2013-09-09 00:00:00
packetstorm
packetstorm
BigTree CMS 4.0 RC2 XSS / CSRF / SQL Injection
2013-08-08 00:00:00
exploitpack
exploitpack
BigTree CMS 4.0 RC2 - Multiple Vulnerabilities
2013-08-08 00:00:00
htbridge
htbridge
Multiple Vulnerabilities in BigTree CMS
2013-07-17 00:00:00
openvas
openvas
BigTree CMS Multiple Vulnerabilities
2013-08-19 00:00:00
7 High
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
59.3%
Related for CVE-2013-4881