CVE-2012-1248 - CERT CVE
ID CVE-2012-1248
Sažetak app/config/core.php in baserCMS 1.6.15 and earlier does not properly handle installations in shared-hosting environments, which allows remote attackers to hijack sessions by leveraging administrative access to a different domain.
Reference
CVSS
Base: 5.1
Impact: 6.4
Exploitability:4.9
Pristup
VektorSloženostAutentikacija
NETWORK HIGH NONE
Impact
PovjerljivostCjelovitostDostupnost
PARTIAL PARTIAL PARTIAL
CVSS vektor AV:N/AC:H/Au:N/C:P/I:P/A:P
Zadnje važnije ažuriranje 14-09-2021 - 12:10
Objavljeno 15-05-2012 - 20:55