Lucene search
K

5 matches found

CVE
CVE
added 2012/12/03 9:0 p.m.55 views

CVE-2012-5450

CMS Made Simple (CMSMS) prior to 1.11.2.1 is affected by a CSRF vulnerability in lib/filemanager/imagemanager/images.php (deld parameter) that allows an authenticated administrator to delete arbitrary files. The issue is documented as CVE-2012-5450 and is linked to a related directory-traversal c...

6.8CVSS7.2AI score0.0087EPSS
Exploits3References7Affected Software1
Cvelist
Cvelist
added 2012/12/03 9:0 p.m.40 views

CVE-2012-5450

Cross-site request forgery CSRF vulnerability in lib/filemanager/imagemanager/images.php in CMS Made Simple CMSMS 1.11.2 and earlier allows remote attackers to hijack the authentication of administrators for requests that delete arbitrary files via the deld parameter...

7.1AI score0.0087EPSS
Exploits3References7
securityvulns
securityvulns
added 2012/11/09 12:0 a.m.67 views

Cross-Site Request Forgery (CSRF) in CMS Made Simple

Advisory ID: HTB23121 Product: CMS Made Simple Vendor: cmsmadesimple.org Vulnerable Versions: 1.11.2 and probably prior Tested Version: 1.11.2 Vendor Notification: October 17, 2012 Public Disclosure: November 7, 2012 Vulnerability Type: Cross-Site Request Forgery CWE-352 CVE Reference:...

6.8CVSS6.8AI score0.0087EPSS
Exploits3
0day.today
0day.today
added 2012/11/08 12:0 a.m.45 views

CMS Made Simple 1.11.2 Cross Site Request Forgery Vulnerability

CMS Made Simple version 1.11.2 suffers from a cross site request forgery vulnerability. Product: CMS Made Simple Vendor: cmsmadesimple.org Vulnerable Versions: 1.11.2 and probably prior Tested Version: 1.11.2 Vendor Notification: October 17, 2012 Public Disclosure: November 7, 2012 Vulnerability...

7AI score0.0087EPSS
Exploits3
Packet Storm
Packet Storm
added 2012/11/08 12:0 a.m.58 views

CMS Made Simple 1.11.2 Cross Site Request Forgery

Advisory ID: HTB23121 Product: CMS Made Simple Vendor: cmsmadesimple.org Vulnerable Versions: 1.11.2 and probably prior Tested Version: 1.11.2 Vendor Notification: October 17, 2012 Public Disclosure: November 7, 2012 Vulnerability Type: Cross-Site Request Forgery CWE-352 CVE Reference:...

6.8CVSS0.2AI score0.0087EPSS
Exploits3
Rows per page
Query Builder