Lucene search
HistoryNov 28, 2014 - 3:59 p.m.
CVE-2014-8429
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
6.9
Confidence
Low
EPSS
0.002
Percentile
64.5%
Cross-site request forgery (CSRF) vulnerability in Xavoc Technocrats xEpan CMS 1.0.4.1, 1.0.4, 1.0.1, and earlier allows remote attackers to hijack the authentication of administrators for requests that create new administrative accounts via a crafted request to the owner/users page.
Affected configurations
Node
xavocxepan_cmsRangeβ€1.0.1
ORxavocxepan_cmsMatch1.0.4
ORxavocxepan_cmsMatch1.0.4.1
Related
exploitpack
exploitpack
xEpan 1.0.1 - Cross-Site Request Forgery
2014-11-26 00:00:00
securityvulns
securityvulns
Π‘ross-Site Request Forgery (CSRF) in xEpan
2014-12-01 00:00:00
zdt
zdt
xEpan 1.0.1 Cross Site Request Forgery Vulnerability
2014-11-26 00:00:00
cve
cve
CVE-2014-8429
2014-11-28 15:59:06
htbridge
htbridge
Π‘ross-Site Request Forgery (CSRF) in xEpan
2014-10-22 00:00:00
exploitdb
exploitdb
xEpan 1.0.1 - Cross-Site Request Forgery
2014-11-26 00:00:00
cvelist
cvelist
CVE-2014-8429
2014-11-28 15:00:00
packetstorm
packetstorm
xEpan 1.0.1 Cross Site Request Forgery
2014-11-26 00:00:00
prion
prion
Cross site request forgery (csrf)
2014-11-28 15:59:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
6.9
Confidence
Low
EPSS
0.002
Percentile
64.5%
Related for NVD:CVE-2014-8429