CVE-2010-4750

Published: 01/03/2011 Updated: 22/09/2011
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 685
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

Cross-site request forgery (CSRF) vulnerability in admin/libs/ADMIN.php in BLOG:CMS 4.2.1.e, and possibly earlier, allows remote malicious users to hijack the authentication of administrators.

Affected Products

Vendor: Blogcms | Product: Blog:cms | Versions: 4.2.1.e

Exploits

Vulnerability ID: HTB22727
Reference: www.htbridge.ch/advisory/xsrf_csrf_in_blogcms.html
Product: BLOG:CMS
Vendor: Radek Hulán ( blogcms.com/ )
Vulnerable Version: 4.2.1.e and probably prior versions
Vendor Notification: 30 November 2010
Vulnerability Type: CSRF (Cross-Site Request Forgery)
Status: Not Fixed, Vendor Alerted
Risk le ...