Lucene search
K

8 matches found

ATTACKERKB
ATTACKERKB
added 2022/02/24 3:15 p.m.7 views

CVE-2022-21179

Cross-site request forgery CSRF vulnerability in EC-CUBE plugin 'Mail Magazine Management Plugin' ver4.0.0 to 4.1.1 for EC-CUBE 4 series and ver1.0.0 to 1.0.4 for EC-CUBE 3 series allows a remote unauthenticated attacker to hijack the authentication of an administrator via a specially crafted pag...

4.3CVSS5.8AI score0.00465EPSS
Exploits0References3
NVD
NVD
added 2022/02/24 3:15 p.m.26 views

CVE-2022-21179

Cross-site request forgery CSRF vulnerability in EC-CUBE plugin 'Mail Magazine Management Plugin' ver4.0.0 to 4.1.1 for EC-CUBE 4 series and ver1.0.0 to 1.0.4 for EC-CUBE 3 series allows a remote unauthenticated attacker to hijack the authentication of an administrator via a specially crafted pag...

4.3CVSS0.00465EPSS
Exploits0References2
Prion
Prion
added 2022/02/24 3:15 p.m.18 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in EC-CUBE plugin 'Mail Magazine Management Plugin' ver4.0.0 to 4.1.1 for EC-CUBE 4 series and ver1.0.0 to 1.0.4 for EC-CUBE 3 series allows a remote unauthenticated attacker to hijack the authentication of an administrator via a specially crafted pag...

4.3CVSS4.8AI score0.00465EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/02/24 9:50 a.m.19 views

CVE-2022-21179

Cross-site request forgery CSRF vulnerability in EC-CUBE plugin 'Mail Magazine Management Plugin' ver4.0.0 to 4.1.1 for EC-CUBE 4 series and ver1.0.0 to 1.0.4 for EC-CUBE 3 series allows a remote unauthenticated attacker to hijack the authentication of an administrator via a specially crafted pag...

4.3CVSS7.1AI score0.00465EPSS
Exploits0References4
Cvelist
Cvelist
added 2022/02/24 9:50 a.m.30 views

CVE-2022-21179

Cross-site request forgery CSRF vulnerability in EC-CUBE plugin 'Mail Magazine Management Plugin' ver4.0.0 to 4.1.1 for EC-CUBE 4 series and ver1.0.0 to 1.0.4 for EC-CUBE 3 series allows a remote unauthenticated attacker to hijack the authentication of an administrator via a specially crafted pag...

5.1AI score0.00465EPSS
Exploits0References2
CVE
CVE
added 2022/02/24 9:50 a.m.77 views

CVE-2022-21179

The CVE-2022-21179 entry describes a Cross-Site Request Forgery (CSRF) vulnerability in the EC-CUBE plugin Mail Magazine Management Plugin, affecting versions 4.0.0–4.1.1 (EC-CUBE 4 series) and 1.0.0–1.0.4 (EC-CUBE 3 series). A remote unauthenticated attacker can hijack an administrator’s session...

4.3CVSS4.8AI score0.00465EPSS
Exploits0References2Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2022/02/22 5:9 a.m.4 views

EC-CUBE plugin "Mail Magazine Management Plugin" vulnerable to cross-site request forgery

Overview EC-CUBE plugin "Mail Magazine Management Plugin" provided by EC-CUBE CO.,LTD. contains a cross-site request forgery vulnerability CWE-352. Kenta Yamamoto of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Informatio...

4.3CVSS6.6AI score0.00465EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2022/02/22 12:0 a.m.57 views

JVN#67108459: EC-CUBE plugin "Mail Magazine Management Plugin" vulnerable to cross-site request forgery

EC-CUBE plugin "Mail Magazine Management Plugin" provided by EC-CUBE CO.,LTD. contains a cross-site request forgery vulnerability CWE-352. Impact If a user with an administrative privilege views a malicious page while logged in to EC-CUBE which the plugin is installed, Mail Magazine Templates...

4.3CVSS4.6AI score0.00465EPSS
Exploits0
Rows per page
Query Builder