Lucene search
HistoryAug 19, 2013 - 9:10 p.m.
CVE-2013-5313
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.2
Confidence
High
EPSS
0.002
Percentile
52.0%
Cross-site request forgery (CSRF) vulnerability in core/admin/modules/users/update.php in BigTree CMS 4.0 RC2 and earlier allows remote attackers to hijack the authentication of administrators for requests that modify arbitrary user accounts via an edit user action.
Affected configurations
Node
bigtreecmsbigtree_cmsRange≤4.0rc2
ORbigtreecmsbigtree_cmsMatch4.0b1
ORbigtreecmsbigtree_cmsMatch4.0b2
ORbigtreecmsbigtree_cmsMatch4.0b3
ORbigtreecmsbigtree_cmsMatch4.0b4
ORbigtreecmsbigtree_cmsMatch4.0b5
ORbigtreecmsbigtree_cmsMatch4.0b6
ORbigtreecmsbigtree_cmsMatch4.0b7
ORbigtreecmsbigtree_cmsMatch4.0rc1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| bigtreecms | bigtree_cms | * | cpe:2.3:a:bigtreecms:bigtree_cms:*:rc2:*:*:*:*:*:* |
| bigtreecms | bigtree_cms | 4.0 | cpe:2.3:a:bigtreecms:bigtree_cms:4.0:b1:*:*:*:*:*:* |
| bigtreecms | bigtree_cms | 4.0 | cpe:2.3:a:bigtreecms:bigtree_cms:4.0:b2:*:*:*:*:*:* |
| bigtreecms | bigtree_cms | 4.0 | cpe:2.3:a:bigtreecms:bigtree_cms:4.0:b3:*:*:*:*:*:* |
| bigtreecms | bigtree_cms | 4.0 | cpe:2.3:a:bigtreecms:bigtree_cms:4.0:b4:*:*:*:*:*:* |
| bigtreecms | bigtree_cms | 4.0 | cpe:2.3:a:bigtreecms:bigtree_cms:4.0:b5:*:*:*:*:*:* |
| bigtreecms | bigtree_cms | 4.0 | cpe:2.3:a:bigtreecms:bigtree_cms:4.0:b6:*:*:*:*:*:* |
| bigtreecms | bigtree_cms | 4.0 | cpe:2.3:a:bigtreecms:bigtree_cms:4.0:b7:*:*:*:*:*:* |
| bigtreecms | bigtree_cms | 4.0 | cpe:2.3:a:bigtreecms:bigtree_cms:4.0:rc1:*:*:*:*:*:* |
Related
prion
prion
Cross site request forgery (csrf)
2013-08-19 21:10:00
cvelist
cvelist
CVE-2013-5313
2022-10-03 16:14:54
cve
cve
CVE-2013-5313
2022-10-03 16:14:54
openvas
openvas
BigTree CMS Multiple Vulnerabilities
2013-08-19 00:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.2
Confidence
High
EPSS
0.002
Percentile
52.0%
Related for NVD:CVE-2013-5313