Lucene search
MitreCVE-2015-6944HistorySep 15, 2015 - 6:59 p.m.
CVE-2015-6944
2015-09-1518:59:03
CWE-352
mitre
web.nvd.nist.gov
22
cve
csrf
jsp
mysql administrador
remote attack
sql injection
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
8.6
Confidence
Low
EPSS
0.005
Percentile
76.5%
Cross-site request forgery (CSRF) vulnerability in JSP/MySQL Administrador Web 1 allows remote attackers to hijack the authentication of users for requests that execute arbitrary SQL commands via the cmd parameter to sys/sys/listaBD2.jsp.
Affected configurations
Node
jsp\/mysql_administrador_web_projectjsp\/mysql_administrador_webMatch1.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| jsp\/mysql_administrador_web_project | jsp\/mysql_administrador_web | 1.0 | cpe:2.3:a:jsp\/mysql_administrador_web_project:jsp\/mysql_administrador_web:1.0:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2015-6944
2015-09-15 18:00:00
prion
prion
Cross site request forgery (csrf)
2015-09-15 18:59:00
nvd
nvd
CVE-2015-6944
2015-09-15 18:59:03
packetstorm
packetstorm
JSPMySQL Administrador 1 Cross Site Request Forgery / Cross Site Scripting
2015-09-06 00:00:00
exploitdb
exploitdb
JSPMySQL Administrador - Multiple Vulnerabilities
2015-09-07 00:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
8.6
Confidence
Low
EPSS
0.005
Percentile
76.5%
Related for CVE-2015-6944