Описание
Cross-site request forgery (CSRF) vulnerability in admin.php in myWebland myBloggie 2.1.6 allows remote attackers to perform edit actions as administrators. NOTE: this can be leveraged to execute SQL commands by also exploiting CVE-2007-1899.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:mywebland:mybloggie:2.1.6:*:*:*:*:*:*:*
EPSS
Процентиль: 54%
0.00317
Низкий
5.1 Medium
CVSS2
Дефекты
CWE-352
Связанные уязвимости
github
почти 4 года назад
Cross-site request forgery (CSRF) vulnerability in admin.php in myWebland myBloggie 2.1.6 allows remote attackers to perform edit actions as administrators. NOTE: this can be leveraged to execute SQL commands by also exploiting CVE-2007-1899.
EPSS
Процентиль: 54%
0.00317
Низкий
5.1 Medium
CVSS2
Дефекты
CWE-352