CVE-2013-1468 - CERT CVE
ID CVE-2013-1468
Sažetak Cross-site request forgery (CSRF) vulnerability in the LocalFiles Editor plugin in Piwigo before 2.4.7 allows remote attackers to hijack the authentication of administrators for requests that create arbitrary PHP files via unspecified vectors.
Reference
CVSS
Base: 7.6
Impact: 10.0
Exploitability:4.9
Pristup
VektorSloženostAutentikacija
NETWORK HIGH NONE
Impact
PovjerljivostCjelovitostDostupnost
COMPLETE COMPLETE COMPLETE
CVSS vektor AV:N/AC:H/Au:N/C:C/I:C/A:C
Zadnje važnije ažuriranje 03-10-2013 - 18:49
Objavljeno 14-03-2013 - 03:13