Cross-site request forgery (CSRF)
Cross-site request forgery (CSRF) vulnerability in servlet/admin/AuthServlet.java in OpenKM 5.1.7 and other versions before 5.1.8-2 allows remote attackers to hijack the authentication of administrators for requests that execute arbitrary code via the script parameter to admin/scripting.jsp...
CVE-2012-2316
OpenKM 5.1.7 and other versions before 5.1.8-2 are affected by a CSRF flaw in servlet/admin/AuthServlet.java. The issue allows remote attackers to hijack administrator sessions and cause arbitrary code execution via the script parameter to admin/scripting.jsp. Connected sources confirm the vulne...