5 matches found
CVE-2012-5450
CMS Made Simple (CMSMS) prior to 1.11.2.1 is affected by a CSRF vulnerability in lib/filemanager/imagemanager/images.php (deld parameter) that allows an authenticated administrator to delete arbitrary files. The issue is documented as CVE-2012-5450 and is linked to a related directory-traversal c...
CVE-2012-5450
Cross-site request forgery CSRF vulnerability in lib/filemanager/imagemanager/images.php in CMS Made Simple CMSMS 1.11.2 and earlier allows remote attackers to hijack the authentication of administrators for requests that delete arbitrary files via the deld parameter...
Cross-Site Request Forgery (CSRF) in CMS Made Simple
Advisory ID: HTB23121 Product: CMS Made Simple Vendor: cmsmadesimple.org Vulnerable Versions: 1.11.2 and probably prior Tested Version: 1.11.2 Vendor Notification: October 17, 2012 Public Disclosure: November 7, 2012 Vulnerability Type: Cross-Site Request Forgery CWE-352 CVE Reference:...
CMS Made Simple 1.11.2 Cross Site Request Forgery Vulnerability
CMS Made Simple version 1.11.2 suffers from a cross site request forgery vulnerability. Product: CMS Made Simple Vendor: cmsmadesimple.org Vulnerable Versions: 1.11.2 and probably prior Tested Version: 1.11.2 Vendor Notification: October 17, 2012 Public Disclosure: November 7, 2012 Vulnerability...
CMS Made Simple 1.11.2 Cross Site Request Forgery
Advisory ID: HTB23121 Product: CMS Made Simple Vendor: cmsmadesimple.org Vulnerable Versions: 1.11.2 and probably prior Tested Version: 1.11.2 Vendor Notification: October 17, 2012 Public Disclosure: November 7, 2012 Vulnerability Type: Cross-Site Request Forgery CWE-352 CVE Reference:...