exploitDog

CVE-2020-35687

Опубликовано: 13 янв. 2021

Источник: nvd

CVSS3: 4.3

CVSS2: 4.3

EPSS Низкий

Описание

PHPFusion version 9.03.90 is vulnerable to CSRF attack which leads to deletion of all shoutbox messages by the attacker on behalf of the logged in victim.

Ссылки

https://github.com/PHPFusion/PHPFusion/issues/2347
Exploit
Issue Tracking
Third Party Advisory
https://www.exploit-db.com/exploits/49426
Exploit
Third Party Advisory
VDB Entry
https://github.com/PHPFusion/PHPFusion/issues/2347
Exploit
Issue Tracking
Third Party Advisory
https://www.exploit-db.com/exploits/49426
Exploit
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:php-fusion:phpfusion:9.03.90:*:*:*:*:*:*:*

EPSS

Процентиль: 32%

0.00124

Низкий

4.3 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-352

Связанные уязвимости

GHSA-3hp7-gf4j-8f4c

github

больше 3 лет назад

PHPFusion version 9.03.90 is vulnerable to CSRF attack which leads to deletion of all shoutbox messages by the attacker on behalf of the logged in victim.

EPSS

Процентиль: 32%

0.00124

Низкий

4.3 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-352