CVE-2012-4902 in Template CMSinfo

Zusammenfassung

von MITRE

Multiple cross-site request forgery (CSRF) vulnerabilities in Template CMS 2.1.1 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) create an administrator user via an add action to admin/index.php or (2) conduct static PHP code injection attacks via the themes_editor parameter in an edit_template action to admin/index.php.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservieren

12.09.2012

Veröffentlichung

20.05.2015

Moderieren

akzeptiert

Eintrag

VDB-75484

CPE

bereit

CWE

CWE-352 (bestätigt)

Exploit

Download

CVSS

6.8 (NVD)

EPSS

0.00534

KEV

nein

Aktivitäten

very low

Sektor

Hostingprovider, Agriculture, ...

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2012-4902
NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-4902
CVE Details	https://www.cvedetails.com/cve/CVE-2012-4902/

◂ Zurück Übersicht Weiter ▸

Do you know our Splunk app?

Download it now for free!