Lucene search
K

7 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.36 views

Apache Archiva 1.0 - 1.3.1 CSRF Vulnerability

No description provided by source. ANATOLIA SECURITY ADVISORY -------------------------------------- ADVISORY INFO + Title: Apache Archiva Cross-site Request Forgery Vulnerability + Advisory URL: http://www.anatoliasecurity.com/adv/as-adv-2010-001.txt + Advisory ID: 2010-001 + Versions: Archiva 1...

6.8CVSS6.5AI score0.04837EPSS
Exploits4
securityvulns
securityvulns
added 2011/02/11 12:0 a.m.60 views

[SECURITY] CVE-2010-3449: Apache Continuum CSRF vulnerability

CVE-2010-3449: Apache Continuum CSRF vulnerability Severity: Important Vendor: The Apache Software Foundation Versions Affected: Continuum 1.3.6 Continuum 1.4.0 Beta The unsupported versions Continuum 1.1 - 1.2.3.1 are also affected. Description: Administrators are able to change any user's...

6.8CVSS0.3AI score0.04837EPSS
Exploits4
exploitpack
exploitpack
added 2010/12/09 12:0 a.m.27 views

Apache Archiva 1.0 1.3.1 - Cross-Site Request Forgery

Apache Archiva 1.0 1.3.1 - Cross-Site Request Forgery ANATOLIA SECURITY ADVISORY -------------------------------------- ADVISORY INFO + Title: Apache Archiva Cross-site Request Forgery Vulnerability + Advisory URL: http://www.anatoliasecurity.com/adv/as-adv-2010-001.txt + Advisory ID: 2010-001 +...

6.8CVSS0.6AI score0.04837EPSS
Exploits4
Exploit DB
Exploit DB
added 2010/12/09 12:0 a.m.44 views

Apache Archiva 1.0 < 1.3.1 - Cross-Site Request Forgery

ANATOLIA SECURITY ADVISORY -------------------------------------- ADVISORY INFO + Title: Apache Archiva Cross-site Request Forgery Vulnerability + Advisory URL: http://www.anatoliasecurity.com/adv/as-adv-2010-001.txt + Advisory ID: 2010-001 + Versions: Archiva 1.0 to 1.3.1 + Date: 29/09/2010 +...

6.8CVSS6.4AI score0.04837EPSS
Exploits4
NVD
NVD
added 2010/12/06 8:13 p.m.18 views

CVE-2010-3449

Cross-site request forgery CSRF vulnerability in Redback before 1.2.4, as used in Apache Archiva 1.0 through 1.0.3, 1.1 through 1.1.4, 1.2 through 1.2.2, and 1.3 through 1.3.1; and Apache Continuum 1.3.6, 1.4.0, and 1.1 through 1.2.3.1; allows remote attackers to hijack the authentication of...

6.8CVSS6.9AI score0.04837EPSS
Exploits4References19
Prion
Prion
added 2010/12/06 8:13 p.m.23 views

Cross site request forgery (csrf)

Apache Archiva 1.0 through 1.0.3, 1.1 through 1.1.4, 1.2 through 1.2.2, and 1.3 through 1.3.1 does not require entry of the administrator's password at the time of modifying a user account, which makes it easier for context-dependent attackers to gain privileges by leveraging a 1 unattended...

6.8CVSS7.3AI score0.04837EPSS
Exploits4References3Affected Software1
CVE
CVE
added 2010/12/06 8:0 p.m.71 views

CVE-2010-3449

CVE-2010-3449 is a CSRF flaw in Redback (used by Apache Archiva and Apache Continuum) that allows an attacker to hijack administrator sessions to modify credentials. Affected products include Archiva 1.0–1.3.1 (and related Continuum versions) with Redback versions before 1.2.4 used for authentica...

6.8CVSS7AI score0.04837EPSS
Exploits4References19Affected Software2
Rows per page
Query Builder