Cross site request forgery (csrf)

2012-09-2317:55:00

PRIOn knowledge base

www.prio-n.com

7.7 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

72.8%

JSON

Cross-site request forgery (CSRF) vulnerability in index/manager/fileUpload in Public Knowledge Project Open Conference Systems 2.3.4 and earlier allows remote attackers to hijack the authentication of administrators for requests that upload a PHP file.

CPENameOperatorVersion
open_conference_systemseq2.1.2-1
open_conference_systemseq2.3.3-1
open_conference_systemseq2.1.2
open_conference_systemseq1.1.1
open_conference_systemseq1.0
open_conference_systemseq2.1
open_conference_systemseq2.3.3
open_conference_systemseq2.3.2
open_conference_systemsle2.3.4
open_conference_systemseq1.1.6

Name	Operator	Version
open_conference_systems	eq	2.1.2-1
open_conference_systems	eq	2.3.3-1
open_conference_systems	eq	2.1.2
open_conference_systems	eq	1.1.1
open_conference_systems	eq	1.0
open_conference_systems	eq	2.1
open_conference_systems	eq	2.3.3
open_conference_systems	eq	2.3.2
open_conference_systems	le	2.3.4
open_conference_systems	eq	1.1.6