Описание
Cross-site request forgery (CSRF) vulnerability in eXtplorer 2.1 RC3 and earlier allows remote attackers to hijack the authentication of administrators for requests that add an administrator account via an adduser admin action.
Cross-site request forgery (CSRF) vulnerability in eXtplorer 2.1 RC3 and earlier allows remote attackers to hijack the authentication of administrators for requests that add an administrator account via an adduser admin action.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2012-3362
- http://www.autosectools.com/Advisories/eXtplorer.2.1.RC3_Cross-site.Request.Forgery_174.html
- http://www.debian.org/security/2012/dsa-2510
- http://www.openwall.com/lists/oss-security/2012/06/24/1
- http://www.openwall.com/lists/oss-security/2012/06/25/1
- http://www.openwall.com/lists/oss-security/2012/06/26/1
- http://www.openwall.com/lists/oss-security/2012/06/27/1
Связанные уязвимости
Cross-site request forgery (CSRF) vulnerability in eXtplorer 2.1 RC3 and earlier allows remote attackers to hijack the authentication of administrators for requests that add an administrator account via an adduser admin action.
Cross-site request forgery (CSRF) vulnerability in eXtplorer 2.1 RC3 and earlier allows remote attackers to hijack the authentication of administrators for requests that add an administrator account via an adduser admin action.
Cross-site request forgery (CSRF) vulnerability in eXtplorer 2.1 RC3 a ...
Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации