Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistJpcertCVELIST:CVE-2022-27174
HistoryJun 13, 2022 - 4:50 a.m.

CVE-2022-27174

2022-06-1304:50:28
jpcert
www.cve.org
1
cve-2022-27174
cross-site request forgery
easy blog for ec-cube4
remote attacker
hijack authentication
administrator
delete blog article
delete category

AI Score

5.2

Confidence

High

EPSS

0.001

Percentile

26.8%

JSON

Cross-site request forgery (CSRF) vulnerability in Easy Blog for EC-CUBE4 Ver.1.0.1 and earlier allows a remote unauthenticated attacker to hijack the authentication of the administrator and delete a blog article or a category via a specially crafted page.

CNA Affected

[
  {
    "product": "Easy Blog for EC-CUBE4",
    "vendor": "COREMOBILE Co. Ltd.",
    "versions": [
      {
        "status": "affected",
        "version": "Ver.1.0.1 and earlier"
      }
    ]
  }
]

Related

nvd 1
prion 1
cve 1
jvn 1
cnvd 1
nvd
nvd
CVE-2022-27174
2022-06-13 05:15:11
prion
prion
Cross site request forgery (csrf)
2022-06-13 05:15:00
cve
cve
CVE-2022-27174
2022-06-13 05:15:11
jvn
jvn
JVN#46241173: EC-CUBE plugin "Easy Blog for EC-CUBE4" vulnerable to cross-site request forgery
2022-05-13 00:00:00
cnvd
cnvd
EC-CUBE Easy Blog for EC-CUBE4 Cross-Site Request Forgery Vulnerability
2022-05-17 00:00:00

AI Score

5.2

Confidence

High

EPSS

0.001

Percentile

26.8%

JSON
Related for CVELIST:CVE-2022-27174
nvd1prion1cve1jvn1cnvd1