Lucene search
K

7 matches found

NVD
NVD
added 2014/03/11 7:37 p.m.48 views

CVE-2013-2754

Cross-site request forgery CSRF vulnerability in Umisoft UMI.CMS before 2.9 build 21905 allows remote attackers to hijack the authentication of administrators for requests that add administrator accounts via a request to admin/users/add/user/do/...

6.8CVSS6.9AI score0.02286EPSS
Exploits5References5
Exploit DB
Exploit DB
added 2013/05/14 12:0 a.m.86 views

UMI CMS 2.9 - Cross-Site Request Forgery

Advisory ID: HTB23151 Product: UMI.CMS Vendor: OOO Umisoft Vulnerable Versions: 2.9 and probably prior Tested Version: 2.9 Vendor Notification: April 3, 2013 Vendor Patch: May 7, 2013 Public Disclosure: May 8, 2013 Vulnerability Type: Cross-Site Request Forgery CWE-352 CVE Reference: CVE-2013-275...

6.8CVSS6.5AI score0.02286EPSS
Exploits5
exploitpack
exploitpack
added 2013/05/14 12:0 a.m.100 views

UMI CMS 2.9 - Cross-Site Request Forgery

UMI CMS 2.9 - Cross-Site Request Forgery Advisory ID: HTB23151 Product: UMI.CMS Vendor: OOO Umisoft Vulnerable Versions: 2.9 and probably prior Tested Version: 2.9 Vendor Notification: April 3, 2013 Vendor Patch: May 7, 2013 Public Disclosure: May 8, 2013 Vulnerability Type: Cross-Site Request...

6.8CVSS0.6AI score0.02286EPSS
Exploits5
securityvulns
securityvulns
added 2013/05/10 12:0 a.m.85 views

Cross-Site Request Forgery (CSRF) in UMI.CMS

Advisory ID: HTB23151 Product: UMI.CMS Vendor: OOO Umisoft Vulnerable Versions: 2.9 and probably prior Tested Version: 2.9 Vendor Notification: April 3, 2013 Vendor Patch: May 7, 2013 Public Disclosure: May 8, 2013 Vulnerability Type: Cross-Site Request Forgery CWE-352 CVE Reference: CVE-2013-275...

6.8CVSS0.02286EPSS
Exploits5
0day.today
0day.today
added 2013/05/09 12:0 a.m.156 views

UMI.CMS 2.9 Cross Site Request Forgery Vulnerability

UMI.CMS version 2.9 suffers from a cross site request forgery vulnerability. Product: UMI.CMS Vendor: OOO Umisoft Vulnerable Versions: 2.9 and probably prior Tested Version: 2.9 Vendor Notification: April 3, 2013 Vendor Patch: May 7, 2013 Public Disclosure: May 8, 2013 Vulnerability Type:...

6.8CVSS6.5AI score0.02286EPSS
Exploits5
Packet Storm
Packet Storm
added 2013/05/08 12:0 a.m.77 views

UMI.CMS 2.9 Cross Site Request Forgery

Advisory ID: HTB23151 Product: UMI.CMS Vendor: OOO Umisoft Vulnerable Versions: 2.9 and probably prior Tested Version: 2.9 Vendor Notification: April 3, 2013 Vendor Patch: May 7, 2013 Public Disclosure: May 8, 2013 Vulnerability Type: Cross-Site Request Forgery CWE-352 CVE Reference: CVE-2013-275...

6.8CVSS0.4AI score0.02286EPSS
Exploits5
htbridge
htbridge
added 2013/04/03 12:0 a.m.55 views

Cross-Site Request Forgery (CSRF) in UMI.CMS

High-Tech Bridge Security Research Lab discovered CSRF vulnerability in UMI.CMS, which can be exploited to perform Cross-Site Request Forgery CSRF attacks and create new administrator in the vulnerable application. 1 Cross-site Request Forgery CSRF in UMI.CMS: CVE-2013-2754 The application allows...

5.1CVSS6.3AI score0.02286EPSS
Exploits5Affected Software1
Rows per page
Query Builder