4.3
CVSSv2

CVE-2012-4385

Published: 13/11/2019 Updated: 15/11/2019
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 435
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Summary

letodms 3.3.6 has CSRF via change password

Vulnerability Trend

Affected Products

Vendor Product Versions
TrilexnetLetodms3.3.6
DebianDebian Linux8.0

Exploits

# Exploit Title: LetoDMS 336 Multiple Reflected/Stored XSS & Password Change CSRF Vulnerability # Date: 23/08/2012 # Exploit Author: Shai rod (@NightRang3r) # Vendor Homepage: wwwletodmscom/ # Software Link: sourceforgenet/projects/mydms/files/LetoDMS/LetoDMS-336/ # Version: 336 #Gr33Tz: @aviadgolan , @benhayak, @nirgol ...