7 matches found
CVE-2013-2754
Cross-site request forgery CSRF vulnerability in Umisoft UMI.CMS before 2.9 build 21905 allows remote attackers to hijack the authentication of administrators for requests that add administrator accounts via a request to admin/users/add/user/do/...
UMI CMS 2.9 - Cross-Site Request Forgery
Advisory ID: HTB23151 Product: UMI.CMS Vendor: OOO Umisoft Vulnerable Versions: 2.9 and probably prior Tested Version: 2.9 Vendor Notification: April 3, 2013 Vendor Patch: May 7, 2013 Public Disclosure: May 8, 2013 Vulnerability Type: Cross-Site Request Forgery CWE-352 CVE Reference: CVE-2013-275...
UMI CMS 2.9 - Cross-Site Request Forgery
UMI CMS 2.9 - Cross-Site Request Forgery Advisory ID: HTB23151 Product: UMI.CMS Vendor: OOO Umisoft Vulnerable Versions: 2.9 and probably prior Tested Version: 2.9 Vendor Notification: April 3, 2013 Vendor Patch: May 7, 2013 Public Disclosure: May 8, 2013 Vulnerability Type: Cross-Site Request...
Cross-Site Request Forgery (CSRF) in UMI.CMS
Advisory ID: HTB23151 Product: UMI.CMS Vendor: OOO Umisoft Vulnerable Versions: 2.9 and probably prior Tested Version: 2.9 Vendor Notification: April 3, 2013 Vendor Patch: May 7, 2013 Public Disclosure: May 8, 2013 Vulnerability Type: Cross-Site Request Forgery CWE-352 CVE Reference: CVE-2013-275...
UMI.CMS 2.9 Cross Site Request Forgery Vulnerability
UMI.CMS version 2.9 suffers from a cross site request forgery vulnerability. Product: UMI.CMS Vendor: OOO Umisoft Vulnerable Versions: 2.9 and probably prior Tested Version: 2.9 Vendor Notification: April 3, 2013 Vendor Patch: May 7, 2013 Public Disclosure: May 8, 2013 Vulnerability Type:...
UMI.CMS 2.9 Cross Site Request Forgery
Advisory ID: HTB23151 Product: UMI.CMS Vendor: OOO Umisoft Vulnerable Versions: 2.9 and probably prior Tested Version: 2.9 Vendor Notification: April 3, 2013 Vendor Patch: May 7, 2013 Public Disclosure: May 8, 2013 Vulnerability Type: Cross-Site Request Forgery CWE-352 CVE Reference: CVE-2013-275...
Cross-Site Request Forgery (CSRF) in UMI.CMS
High-Tech Bridge Security Research Lab discovered CSRF vulnerability in UMI.CMS, which can be exploited to perform Cross-Site Request Forgery CSRF attacks and create new administrator in the vulnerable application. 1 Cross-site Request Forgery CSRF in UMI.CMS: CVE-2013-2754 The application allows...