Lucene search

K

MitreCVELIST:CVE-2012-4773

HistoryOct 22, 2012 - 11:00 p.m.

CVE-2012-4773

2012-10-2223:00:00

mitre

www.cve.org

7.1 High

AI Score

Confidence

Low

0.043 Low

EPSS

Percentile

92.4%

Multiple cross-site request forgery (CSRF) vulnerabilities in Subrion CMS before 2.2.3 allow remote attackers to hijack the authentication of administrators for requests that add, delete, or modify sensitive information, as demonstrated by adding an administrator account via an add action to admin/accounts/add/.

References

archives.neohapsis.com/archives/bugtraq/2012-10/0096.html

packetstormsecurity.org/files/116433

packetstormsecurity.org/files/117460/Subrion-CMS-2.2.1-XSS-CSRF-SQL-Injection.html

secunia.com/advisories/51013

www.osvdb.org/85999

www.subrion.com/forums/announcements/934-subrion-2-2-3-open-source-cms-core-available.html

www.zeroscience.mk/en/vulnerabilities/ZSL-2012-5106.php

exchange.xforce.ibmcloud.com/vulnerabilities/78469

exchange.xforce.ibmcloud.com/vulnerabilities/79469

www.htbridge.com/advisory/HTB23113

7.1 High

AI Score

Confidence

Low

0.043 Low

EPSS

Percentile

92.4%

Related for CVELIST:CVE-2012-4773

nvd1 prion1 cve1 exploitpack1 securityvulns2 packetstorm1 htbridge1 exploitdb1