SQL Injection in AdRotate
High-Tech Bridge Security Research Lab discovered vulnerability in AdRotate, which can be exploited to perform SQL Injection attacks. 1 SQL Injection in AdRotate: CVE-2014-1854 The vulnerability exists due to insufficient validation of "track" HTTP GET parameter passed to...
Two Cross-Site Scripting (XSS) Vulnerabilities in Seo Panel
High-Tech Bridge Security Research Lab discovered two vulnerabilities in Seo Panel, which can be exploited to perform Cross-Site Scripting XSS attacks against users of the vulnerable application to steal their sensitive data. 1 Two Cross-Site Scripting XSS in Seo Panel: CVE-2014-1855 1.1 The...
Multiple Vulnerabilities in Eventum
High-Tech Bridge Security Research Lab discovered vulnerability in Eventum, which can be exploited to reinstall and compromise vulnerable application. 1 Incorrect Default Permissions in Eventum: CVE-2014-1631 The vulnerability exists due to incorrect default permission set for installation script...
SQL Injection in doorGets CMS
High-Tech Bridge Security Research Lab discovered vulnerability in doorGets CMS, which can be exploited to perform SQL Injection attacks. 1 SQL Injection in doorGets CMS: CVE-2014-1459 The vulnerability exists due to insufficient validation of "positiondownid" HTTP POST parameter passed to...
Multiple SQL Injection Vulnerabilities in AuraCMS
High-Tech Bridge Security Research Lab discovered two SQL injection vulnerabilities in AuraCMS, which can be exploited to alter SQL queries and execute arbitrary SQL commands in application's database. 1 Multiple SQL Injection Vulnerabilities in AuraCMS: CVE-2014-1401 1.1 The vulnerability exists...
SQL Injection in JV Comment Joomla Extension
High-Tech Bridge Security Research Lab discovered SQL injection vulnerability in JV Comment Joomla Extension, which can be exploited to perform SQL Injection attacks. 1 SQL Injection in JV Comment Joomla Extension: CVE-2014-0794 The vulnerability exists due to insufficient validation of "id" HTTP...
Cross-Site Scripting (XSS) in Komento Joomla Extension
High-Tech Bridge Security Research Lab discovered two XSS vulnerabilities in Komento Joomla Extension, which can be exploited to perform script insertion attacks. 1 Cross-Site Scripting XSS in Komento Joomla Extension: CVE-2014-0793 1.1 The vulnerability exists due to insufficient sanitisation of...
SQL Injection in Sexy Polling Joomla Extension
High-Tech Bridge Security Research Lab discovered vulnerability in Sexy Polling Joomla Extension, which can be exploited to perform SQL Injection attacks. 1 SQL Injection in Sexy Polling Joomla Extension: CVE-2013-7219 The vulnerability exists due to insufficient validation of "answerid" HTTP POS...
Improper Authentication in Burden
High-Tech Bridge Security Research Lab discovered vulnerability in application authentication mechanism in Burden, which can be exploited by remote non-authenticated attacker to gain administrative access to the vulnerable application. 1 Improper Authentication in Burden: CVE-2013-7137 The...
Multiple Vulnerabilities in Horizon QCMS
High-Tech Bridge Security Research Lab discovered multiple vulnerabilities in Horizon QCMS, which can be exploited to read contents of arbitrary files and perform SQL Injection attacks. 1 Path Traversal in Horizon QCMS: CVE-2013-7138 The vulnerability exists due to insufficient filtration of...
Path Traversal in eduTrac
High-Tech Bridge Security Research Lab discovered path traversal vulnerability in eduTrac which can be exploited to read arbitrary files on vulnerable system with privileges of web server. 1 Path Traversal in eduTrac: CVE-2013-7097 The vulnerability exists due to insufficient filtration of...
Cross-Site Request Forgery (CSRF) in AskApache Firefox Adsense Wordpress plugin
High-Tech Bridge Security Research Lab discovered vulnerability in AskApache Firefox Adsense Wordpress plugin, which can be exploited to perform Cross-Site Request Forgery CSRF attacks. 1 Cross-Site Request Forgery CSRF in AskApache Firefox Adsense Wordpress plugin: CVE-2013-6992 The vulnerabilit...
Cross-Site Scripting (XSS) in WP-Cron Dashboard Wordpress plugin
High-Tech Bridge Security Research Lab discovered vulnerability in WP-Cron Dashboard Wordpress plugin, which can be exploited to perform Cross-Site Scripting XSS attacks. 1 Cross-Site Scripting XSS in WP-Cron Dashboard Wordpress plugin: CVE-2013-6991 The vulnerability exists due to insufficient...
Cross-Site Scripting (XSS) in Ad-minister Wordpress plugin
High-Tech Bridge Security Research Lab discovered vulnerability in Ad-minister Wordpress plugin, which can be exploited to perform Cross-Site Scripting XSS attacks. 1 Cross-Site Scripting XSS in Ad-minister Wordpress plugin: CVE-2013-6993 The vulnerability exists due to insufficient sanitisation ...
XSS and Full Path Disclosure in MijoSearch Joomla Extension
High-Tech Bridge Security Research Lab discovered 2 vulnerabilities in MijoSearch Joomla Extension, which can be exploited to gain access to potentially sensitive data and perform Cross-Site Scripting XSS attacks against users of vulnerable application. 1 Cross-site Scripting in MijoSearch:...
SQL Injection in InstantCMS
High-Tech Bridge Security Research Lab discovered blind SQL injection vulnerability in InstantCMS, which can be exploited to perform SQL Injection attacks, alter SQL requests and compromise vulnerable application. 1 SQL Injection in InstantCMS: CVE-2013-6839 The vulnerability exists due to...
Cross-Site Scripting (XSS) in Jamroom
High-Tech Bridge Security Research Lab discovered vulnerability in Jamroom, which can be exploited to perform Cross-Site Scripting XSS attacks. 1 Cross-Site Scripting XSS in Jamroom: CVE-2013-6804 The vulnerability exists due to insufficient sanitisation of user-supplied data in "searchstring" HT...
User Identity Spoofing in Bitrix Site Manager
High-Tech Bridge Security Research Lab discovered vulnerability in Bitrix Site Manager, which can be exploited to spoof user's identity and read, modify or delete pre-ordered items in customer's basket. 1 User Identity Spoofing in Bitrix Site Manager: CVE-2013-6788 The vulnerability exists due to...
SQL Injection in Chamilo LMS
High-Tech Bridge Security Research Lab discovered vulnerability in Chamilo LMS, which can be exploited to perform SQL Injection attacks. 1 SQL Injection in Chamilo LMS: CVE-2013-6787 The vulnerability exists due to insufficient validation of "password0" HTTP POST parameter passed to...
SQL Injection in Dokeos
High-Tech Bridge Security Research Lab discovered vulnerability in Dokeos, which can be exploited to perform SQL Injection attacks. 1 SQL Injection in Dokeos: CVE-2013-6341 The vulnerability exists due to insufficient validation of "language" HTTP GET parameter passed to "/index.php" script. A...
Cross-Site Scripting (XSS) in Tweet Blender Wordpress Plugin
High-Tech Bridge Security Research Lab discovered vulnerability in Tweet Blender Wordpress Plugin, which can be exploited to perform Cross-Site Scripting XSS attacks. 1 Cross-Site Scripting XSS in Tweet Blender Wordpress Plugin: CVE-2013-6342 1.1 The vulnerability exists due to insufficient...
Multiple Cross-Site Scripting (XSS) in Claroline
High-Tech Bridge Security Research Lab discovered multiple vulnerabilities in Claroline, which can be exploited to perform Cross-Site Scripting XSS attacks against vulnerable web application visitors and administrators. 1 Cross-Site Scripting XSS in Claroline: CVE-2013-6267 1.1 The vulnerability...
Cross-Site Scripting (XSS) in Zikula Application Framework
High-Tech Bridge Security Research Lab discovered vulnerability in Zikula Application Framework, which can be exploited to perform Cross-Site Scripting XSS attacks. 1 Cross-Site Scripting XSS in Zikula Application Framework: CVE-2013-6168 1.1 The vulnerability exists due to insufficient...
SQL Injection in appRain
High-Tech Bridge Security Research Lab discovered vulnerability in appRain, which can be exploited to perform SQL Injection attacks. 1 Blind SQL Injection in appRain: CVE-2013-6058 The vulnerability is caused by insufficient validation of user-supplied data appended to "/blog-by-cat/" URL. Remote...
Cross-Site Scripting (XSS) in GuppY
High-Tech Bridge Security Research Lab discovered two XSS vulnerabilities in GuppY, which can be exploited to perform Cross-Site Scripting attacks against users of vulnerable application. 1 Cross-Site Scripting XSS in GuppY: CVE-2013-5983 1.1 The vulnerability exists due to insufficient...
Remote Code Execution in Microweber
High-Tech Bridge Security Research Lab discovered vulnerability in Microweber, which can be exploited to delete arbitrary files and compromise vulnerable system as a consequence. 1 Improper Access Control in Microweber: CVE-2013-5984 Vulnerability exists due to improper access restriction to...
Cross-Site Scripting (XSS) in Feng Office
High-Tech Bridge Security Research Lab discovered vulnerability in Feng Office, which can be exploited to perform Cross-Site Scripting XSS attacks against users of vulnerable application. 1 Cross-Site Scripting XSS in Feng Office: CVE-2013-5744 1.1 The vulnerability exists due to insufficient...
Remote Code Execution in GLPI
High-Tech Bridge Security Research Lab discovered multiple vulnerabilities in GLPI, which can be exploited to bypass security restrictions and execute arbitrary PHP code with privileges of web server. 1 Improper Access Control in GLPI The vulnerability exists due to insufficient access restrictio...
Multiple Vulnerabilities in X2CRM
High-Tech Bridge Security Research Lab discovered multiple vulnerabilities in X2CRM, which can be exploited to include arbitrary local files and execute arbitrary PHP code, as well as to perform Cross-Site Scripting XSS attacks against users of vulnerable application. 1 PHP File Inclusion in X2CRM...
Multiple Vulnerabilities in Gnew
High-Tech Bridge Security Research Lab discovered multiple vulnerabilities in Gnew, which can be exploited to execute arbitrary PHP code and perform SQL injection attacks against vulnerable application. 1 PHP File Inclusion in Gnew: CVE-2013-5639 Vulnerability exists due to insufficient validation...
Cross-Site Scripting (XSS) in WikkaWiki
High-Tech Bridge Security Research Lab discovered vulnerability in WikkaWiki, which can be exploited to perform Cross-Site Scripting XSS attacks against users of vulnerable application. 1 Cross-Site Scripting XSS in WikkaWiki: CVE-2013-5586 The vulnerability exists due to insufficient sanitisatio...
SQL Injection in vtiger CRM
High-Tech Bridge Security Research Lab discovered SQL injection vulnerability in vtiger CRM, which can be exploited to execute arbitrary SQL commands in application's database. 1 SQL Injection in vtiger CRM: CVE-2013-5091 The vulnerability exists due to insufficient validation of "onlyforuser" HT...
Improper Access Control in Collabtive
High-Tech Bridge SA Security Research Lab has discovered vulnerability in Collabtive, which can be exploited to gain complete control over the application. 1 Improper Access Control in Collabtive: CVE-2013-5027 The vulnerability exists due to improper access restrictions to the third installation...
Path Traversal in DeWeS Web Server (Twilight CMS)
High-Tech Bridge Security Research Lab discovered path traversal vulnerability in DeWeS web server that is supplied in package with Twilight CMS Windows version, which can be exploited to read arbitrary files on vulnerable system. 1 Path Traversal in DeWeS Web Server: CVE-2013-4900 The...
Cross-Site Scripting (XSS) in Twilight CMS
High-Tech Bridge Security Research Lab discovered vulnerability in Twilight CMS, which can be exploited to perform Cross-Site Scripting XSS attacks. 1 Cross-Site Scripting XSS in Twilight CMS: CVE-2013-4899 The vulnerability exists due to insufficient filtration of user-supplied data appended to...
Multiple Vulnerabilities in BigTree CMS
High-Tech Bridge Security Research Lab discovered multiple vulnerabilities in BigTree CMS, which can be exploited to perform SQL injection, Cross-Site Scripting XSS and Cross-Site Request Forgery CSRF attacks. A remote attacker can add, modify or delete information in application's database and...
SQL Injection in Cotonti
High-Tech Bridge Security Research Lab discovered vulnerability in Cotonti, which can be exploited to perform SQL injection attacks against vulnerable application. A remote attacker can read, modify or delete data in application’s database and even gain complete control over the application under...
Cross-Site Scripting (XSS) in Magnolia CMS
High-Tech Bridge Security Research Lab discovered XSS vulnerability in Magnolia CMS, which can be exploited to perform Cross-Site Scripting attacks against users of vulnerable application. 1 Cross-Site Scripting XSS in Magnolia CMS: CVE-2013-4759 The vulnerability exists due to insufficient...
Cross-Site Scripting (XSS) in BackWPup WordPress Plugin
High-Tech Bridge Security Research Lab discovered XSS vulnerability in BackWPup WordPress Plugin, which can be exploited to perform cross-site scripting attacks against administrator of vulnerable application. 1 Cross-Site Scripting XSS in BackWPup WordPress Plugin: CVE-2013-4626 The vulnerabilit...
Cross-Site Scripting (XSS) in Duplicator WordPress Plugin
High-Tech Bridge Security Research Lab discovered XSS vulnerability in Duplicator WordPress plugin, which can be exploited to perform cross-site scripting attacks against vulnerable application. 1 Cross-Site Scripting XSS in Duplicator WordPress Plugin: CVE-2013-4625 The vulnerability exists due ...
XSS Vulnerabilities in OpenCms
High-Tech Bridge Security Research Lab discovered 2 XSS vulnerabilities in OpenCms, which can be exploited to perform Cross-Site Scripting attacks against users of vulnerable application. 1 Multiple Cross-Site Scripting XSS in OpenCms: CVE-2013-4600 1.1 The vulnerability exists due to insufficien...
Multiple XSS Vulnerabilities in Jahia xCM
High-Tech Bridge Security Research Lab discovered multiple XSS vulnerabilities in Jahia xCM, which can be exploited to perform cross-site scripting attacks against administrator of vulnerable application. 1 Multiple Cross-Site Scripting XSS Vulnerabilities in Jahia xCM: CVE-2013-4624 1.1 The...
Multiple Vulnerabilities in Kasseler CMS
High-Tech Bridge Security Research Lab discovered multiple vulnerabilities in Kasseler CMS, which can be exploited to perform SQL injection, Cross-Site Scripting XSS and Cross-Site Request Forgery CSRF attacks and compromise vulnerable application. 1 SQL Injection in Kasseler CMS: CVE-2013-3727 T...
SQL Injection in Dolphin | HTB23157
High-Tech Bridge Security Research Lab discovered SQL injection vulnerability in Dolphin, which can be exploited to manipulate SQL requests passed to vulnerable application and obtain sensitive data from the database. 1 SQL Injection in Dolphin: CVE-2013-3638 The vulnerability exists due to...
Multiple XSS Vulnerabilities in Xaraya
High-Tech Bridge Security Research Lab discovered four XSS vulnerabilities in Xaraya, which can be exploited to perform cross-site scripting attacks against administrators of vulnerable application. 1 Multiple Cross-Site Scripting XSS in Xaraya: CVE-2013-3639 1.1 The vulnerability exists due to...
Multiple Vulnerabilities in OpenX
High-Tech Bridge Security Research Lab discovered multiple vulnerabilities in OpenX, which can be exploited to execute arbitrary PHP code, perform Cross-Site Scripting XSS attacks and compromise vulnerable system. 1 Local File Inclusion in OpenX: CVE-2013-3514 Input passed via "group" HTTP GET...
Multiple Vulnerabilities in Exponent CMS
High-Tech Bridge Security Research Lab discovered multiple vulnerabilities in Exponent CMS, which can be exploited to execute arbitrary SQL commands in the database of vulnerable application and execute arbitrary PHP code on the vulnerable system. 1 SQL Injection in Exponent CMS: CVE-2013-3294 Th...
Multiple Vulnerabilities in Jojo CMS
High-Tech Bridge Security Research Lab discovered multiple vulnerabilities in Jojo CMS, which can be exploited to perform SQL Injection and Cross-Site Scripting XSS attacks. 1 SQL Injection in Jojo CMS: CVE-2013-3081 The vulnerability is caused by insufficient filtration of user-supplied input...
SQL Injection in b2evolution
High-Tech Bridge Security Research Lab discovered SQL injection vulnerability in b2evolution, which can be exploited to alter SQL requests passed to the vulnerable application's database. 1 SQL Injection in b2evolution: CVE-2013-2945 The vulnerability exists due to insufficient validation of HTTP...
Cross-Site Request Forgery (CSRF) in UMI.CMS
High-Tech Bridge Security Research Lab discovered CSRF vulnerability in UMI.CMS, which can be exploited to perform Cross-Site Request Forgery CSRF attacks and create new administrator in the vulnerable application. 1 Cross-site Request Forgery CSRF in UMI.CMS: CVE-2013-2754 The application allows...