exploitDog

CVE-2008-2071

Опубликовано: 12 мая 2008

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Multiple cross-site request forgery (CSRF) vulnerabilities in the WHM interface 11.15.0 for cPanel 11.18 before 11.18.4 and 11.22 before 11.22.3 allow remote attackers to perform unauthorized actions as cPanel administrators via requests to cpanel/whm/webmail and other unspecified vectors.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:cpanel:cpanel:11.18:*:*:*:*:*:*:*

cpe:2.3:a:cpanel:cpanel:11.18.1:*:*:*:*:*:*:*

cpe:2.3:a:cpanel:cpanel:11.18.2:*:*:*:*:*:*:*

cpe:2.3:a:cpanel:cpanel:11.18.3:*:*:*:*:*:*:*

cpe:2.3:a:cpanel:cpanel:11.22:*:*:*:*:*:*:*

cpe:2.3:a:cpanel:cpanel:11.22.1:*:*:*:*:*:*:*

cpe:2.3:a:cpanel:cpanel:11.22.2:*:*:*:*:*:*:*

EPSS

Процентиль: 40%

0.0018

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-352

Связанные уязвимости

GHSA-f524-3q83-83v9

github

почти 4 года назад

Multiple cross-site request forgery (CSRF) vulnerabilities in the WHM interface 11.15.0 for cPanel 11.18 before 11.18.4 and 11.22 before 11.22.3 allow remote attackers to perform unauthorized actions as cPanel administrators via requests to cpanel/whm/webmail and other unspecified vectors.

EPSS

Процентиль: 40%

0.0018

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-352