Lucene search
K

4 matches found

0day.today
0day.today
added 2014/08/26 12:0 a.m.76 views

Innovaphone PBX Admin-GUI - CSRF Vulnerability

Exploit for multiple platform in category web applications Title: Innovaphone PBX Admin-GUI CSRF Impact: High CVSS2 Score: 7.8 AV:N/AC:M/Au:S/C:P/I:C/A:C/E:F/RL:U/RC:C Announced: August 21, 2014 Reporter: Rainer Giedat NSIDE ATTACK LOGIC GmbH, www.nsideattacklogic.de Products: Innovaphone PBX...

6.8CVSS6.6AI score0.01224EPSS
Exploits6
CVE
CVE
added 2014/08/25 4:0 p.m.55 views

CVE-2014-5335

CVE-2014-5335 concerns CSRF in the Innovaphone PBX Admin-GUI. The issue affects all known versions up to 10.00 sr11, where an authenticated administrator could be targeted to modify configurations or user data via forged requests without proper origin checks. Documentation provides concrete attac...

6.8CVSS7.3AI score0.01224EPSS
Exploits6References1Affected Software1
Cvelist
Cvelist
added 2014/08/25 4:0 p.m.24 views

CVE-2014-5335

Multiple cross-site request forgery CSRF vulnerabilities in innovaphone PBX 10.00 sr11 and earlier allow remote attackers to hijack the authentication of administrators for requests that modify configurations or user accounts, as demonstrated by 1 changing the administrator password via a crafted...

7.2AI score0.01224EPSS
Exploits6References1
exploitpack
exploitpack
added 2014/08/25 12:0 a.m.49 views

Innovaphone PBX Admin-GUI - Cross-Site Request Forgery

Innovaphone PBX Admin-GUI - Cross-Site Request Forgery Title: Innovaphone PBX Admin-GUI CSRF Impact: High CVSS2 Score: 7.8 AV:N/AC:M/Au:S/C:P/I:C/A:C/E:F/RL:U/RC:C Announced: August 21, 2014 Reporter: Rainer Giedat NSIDE ATTACK LOGIC GmbH, www.nsideattacklogic.de Products: Innovaphone PBX...

6.8CVSS0.5AI score0.01224EPSS
Exploits6
Rows per page
Query Builder