6 matches found
EUVD-2013-2693
Malware in sbrugna...
CVE-2013-2754
Cross-site request forgery CSRF vulnerability in Umisoft UMI.CMS before 2.9 build 21905 allows remote attackers to hijack the authentication of administrators for requests that add administrator accounts via a request to admin/users/add/user/do/...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in Umisoft UMI.CMS before 2.9 build 21905 allows remote attackers to hijack the authentication of administrators for requests that add administrator accounts via a request to admin/users/add/user/do/...
CVE-2013-2754
Cross-site request forgery CSRF vulnerability in Umisoft UMI.CMS before 2.9 build 21905 allows remote attackers to hijack the authentication of administrators for requests that add administrator accounts via a request to admin/users/add/user/do/...
CVE-2013-2754
UMI.CMS CSRF vulnerability (CVE-2013-2754) affects UMI.CMS 2.9 and earlier, via the admin/users/add/user/do/ endpoint. The issue allows an attacker to craft requests that run with an authenticated administrator’s privileges to create new administrator accounts, effectively hijacking admin access....
UMI CMS 2.9 - Cross-Site Request Forgery
Advisory ID: HTB23151 Product: UMI.CMS Vendor: OOO Umisoft Vulnerable Versions: 2.9 and probably prior Tested Version: 2.9 Vendor Notification: April 3, 2013 Vendor Patch: May 7, 2013 Public Disclosure: May 8, 2013 Vulnerability Type: Cross-Site Request Forgery CWE-352 CVE Reference: CVE-2013-275...