Lucene search
HistoryApr 24, 2015 - 2:59 p.m.
CVE-2011-4403
CVSS2
5.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:P/A:P
AI Score
7.2
Confidence
Low
EPSS
0.003
Percentile
65.6%
Multiple cross-site request forgery (CSRF) vulnerabilities in Zen Cart 1.3.9h allow remote attackers to hijack the authentication of administrators for requests that (1) delete a product via a delete_product_confirm action to product.php or (2) disable a product via a setflag action to categories.php.
Affected configurations
Node
zen-cartzen_cartMatch1.3.9h
Related
packetstorm
packetstorm
Zen-Cart 1.3.9h Cross Site Request Forgery
2012-02-11 00:00:00
seebug
seebug
Zen Cart 'path_to_admin/product.php'θ·¨η«θ―·ζ±δΌͺι ζΌζ΄
2012-02-13 00:00:00
cvelist
cvelist
CVE-2011-4403
2015-04-24 14:00:00
prion
prion
Cross site request forgery (csrf)
2015-04-24 14:59:00
exploitdb
exploitdb
cve
cve
CVE-2011-4403
2015-04-24 14:59:00
CVSS2
5.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:P/A:P
AI Score
7.2
Confidence
Low
EPSS
0.003
Percentile
65.6%
Related for NVD:CVE-2011-4403