Lucene search

[email protected]CVE-2015-6517

HistoryAug 18, 2015 - 6:00 p.m.

CVE-2015-6517

2015-08-1818:00:23

CWE-352

[email protected]

web.nvd.nist.gov

cve-2015-6517

cross-site request forgery

csrf vulnerability

phpliteadmin 1.1

remote attackers

user authentication

7.3 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.007 Low

EPSS

Percentile

81.0%

JSON

Cross-site request forgery (CSRF) vulnerability in phpLiteAdmin 1.1 allows remote attackers to hijack the authentication of users for requests that drop database tables via the droptable parameter to phpliteadmin.php.

Affected configurations

NVD

Node

phpliteadmin_projectphpliteadminMatch1.1

CPENameOperatorVersion
phpliteadmin_project:phpliteadminphpliteadmin project phpliteadmineq1.1

CPE	Name	Operator	Version
phpliteadmin_project:phpliteadmin	phpliteadmin project phpliteadmin	eq	1.1

References

packetstormsecurity.com/files/132580/phpLiteAdmin-1.1-Cross-Site-Request-Forgery-Cross-Site-Scripting.html

www.securityfocus.com/archive/1/535936/100/0/threaded

7.3 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.007 Low

EPSS

Percentile

81.0%

JSON

Related for CVE-2015-6517

cvelist1 nvd1 prion1 debiancve1 openvas1