Количество 2
Количество 2
CVE-2013-3729
Multiple cross-site request forgery (CSRF) vulnerabilities in Kasseler CMS before 2 r1232 allow remote attackers to hijack the authentication of administrators for requests that conduct SQL injection attacks via the (1) groups[] parameter in a send action in the sendmail module or (2) query parameter in a sql_query action in the database module to admin.php, related to CVE-2013-3727.
GHSA-2x7x-45v7-xmvx
Multiple cross-site request forgery (CSRF) vulnerabilities in Kasseler CMS before 2 r1232 allow remote attackers to hijack the authentication of administrators for requests that conduct SQL injection attacks via the (1) groups[] parameter in a send action in the sendmail module or (2) query parameter in a sql_query action in the database module to admin.php, related to CVE-2013-3727.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2013-3729 Multiple cross-site request forgery (CSRF) vulnerabilities in Kasseler CMS before 2 r1232 allow remote attackers to hijack the authentication of administrators for requests that conduct SQL injection attacks via the (1) groups[] parameter in a send action in the sendmail module or (2) query parameter in a sql_query action in the database module to admin.php, related to CVE-2013-3727. | CVSS2: 6.8 | 3% Низкий | почти 12 лет назад |
| GHSA-2x7x-45v7-xmvx Multiple cross-site request forgery (CSRF) vulnerabilities in Kasseler CMS before 2 r1232 allow remote attackers to hijack the authentication of administrators for requests that conduct SQL injection attacks via the (1) groups[] parameter in a send action in the sendmail module or (2) query parameter in a sql_query action in the database module to admin.php, related to CVE-2013-3727. | 3% Низкий | больше 3 лет назад |
Уязвимостей на страницу