Lucene search
HistorySep 22, 2010 - 8:00 p.m.
CVE-2010-3483
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.2
Confidence
High
EPSS
0.013
Percentile
85.8%
cms_write.php in Primitive CMS 1.0.9 does not properly restrict access, which allows remote attackers to gain administrative privileges via a direct request. NOTE: this vulnerability can be leveraged to conduct cross-site scripting attacks, as demonstrated using the (1) title, (2) content, and (3) menutitle parameters.
Affected configurations
Node
bouzousteprimitive_cmsMatch1.0.9
| Vendor | Product | Version | CPE |
|---|---|---|---|
| bouzouste | primitive_cms | 1.0.9 | cpe:2.3:a:bouzouste:primitive_cms:1.0.9:*:*:*:*:*:*:* |
Related
prion
prion
Cross site scripting
2010-09-22 20:00:00
Sql injection
2010-09-22 20:00:00
cvelist
cvelist
CVE-2010-3483
2010-09-22 19:00:00
CVE-2010-3482
2010-09-22 19:00:00
cve
cve
CVE-2010-3483
2010-09-22 20:00:10
CVE-2010-3482
2010-09-22 20:00:10
exploitdb
exploitdb
primitive CMS 1.0.9 - Multiple Vulnerabilities
2010-09-20 00:00:00
nvd
nvd
CVE-2010-3482
2010-09-22 20:00:10
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.2
Confidence
High
EPSS
0.013
Percentile
85.8%
Related for NVD:CVE-2010-3483