Lucene search
K

8 matches found

NVD
NVD
added 2014/03/11 4:17 p.m.25 views

CVE-2013-7334

Cross-site request forgery CSRF vulnerability in ImageCMS before 4.2 allows remote attackers to hijack the authentication of administrators for requests that conduct SQL injection attacks via the q parameter, related to CVE-2012-6290...

6.8CVSS7.8AI score0.00952EPSS
Exploits1References5
Prion
Prion
added 2014/03/11 4:17 p.m.26 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in ImageCMS before 4.2 allows remote attackers to hijack the authentication of administrators for requests that conduct SQL injection attacks via the q parameter, related to CVE-2012-6290...

6.8CVSS8.3AI score0.04234EPSS
Exploits8References5Affected Software1
CVE
CVE
added 2014/03/11 3:0 p.m.48 views

CVE-2012-6290

CVE-2012-6290 affects ImageCMS before 4.2. The vulnerability is a SQL injection in the q parameter sent to /admin/admin_search/, caused by insufficient filtration of input. If exploited, remote authenticated administrators could execute arbitrary SQL commands; CSRF could enable remote unauthentic...

6.5CVSS8.1AI score0.04234EPSS
Exploits7References8Affected Software1
securityvulns
securityvulns
added 2013/01/28 12:0 a.m.90 views

SQL Injection Vulnerability in ImageCMS

Advisory ID: HTB23132 Product: ImageCMS Vendor: www.imagecms.net Vulnerable Versions: 4.0.0b and probably prior Tested Version: 4.0.0b Vendor Notification: December 5, 2012 Vendor Patch: January 16, 2013 Public Disclosure: January 23, 2013 Vulnerability Type: SQL Injection CWE-89 CVE Reference:...

6.5CVSS0.3AI score0.04234EPSS
Exploits7
Exploit DB
Exploit DB
added 2013/01/25 12:0 a.m.48 views

ImageCMS 4.0.0b - Multiple Vulnerabilities

Advisory ID: HTB23132 Product: ImageCMS Vendor: www.imagecms.net Vulnerable Versions: 4.0.0b and probably prior Tested Version: 4.0.0b Vendor Notification: December 5, 2012 Vendor Patch: January 16, 2013 Public Disclosure: January 23, 2013 Vulnerability Type: SQL Injection CWE-89 CVE Reference:...

6.5CVSS6.4AI score0.04234EPSS
Exploits7
0day.today
0day.today
added 2013/01/25 12:0 a.m.73 views

ImageCMS 4.0.0b SQL injection/ CSRF Vulnerabilities

Exploit for php platform in category web applications Product: ImageCMS Vendor: www.imagecms.net Vulnerable Versions: 4.0.0b and probably prior Tested Version: 4.0.0b Vendor Notification: December 5, 2012 Vendor Patch: January 16, 2013 Public Disclosure: January 23, 2013 Vulnerability Type: SQL...

7.1AI score0.04234EPSS
Exploits7
exploitpack
exploitpack
added 2013/01/25 12:0 a.m.36 views

ImageCMS 4.0.0b - Multiple Vulnerabilities

ImageCMS 4.0.0b - Multiple Vulnerabilities Advisory ID: HTB23132 Product: ImageCMS Vendor: www.imagecms.net Vulnerable Versions: 4.0.0b and probably prior Tested Version: 4.0.0b Vendor Notification: December 5, 2012 Vendor Patch: January 16, 2013 Public Disclosure: January 23, 2013 Vulnerability...

6.5CVSS0.3AI score0.04234EPSS
Exploits7
Packet Storm
Packet Storm
added 2013/01/24 12:0 a.m.56 views

ImageCMS 4.0.0b SQL Injection

Advisory ID: HTB23132 Product: ImageCMS Vendor: www.imagecms.net Vulnerable Versions: 4.0.0b and probably prior Tested Version: 4.0.0b Vendor Notification: December 5, 2012 Vendor Patch: January 16, 2013 Public Disclosure: January 23, 2013 Vulnerability Type: SQL Injection CWE-89 CVE Reference:...

6.5CVSS0.3AI score0.04234EPSS
Exploits7
Rows per page
Query Builder