Published: 06/06/2014 Updated: 09/06/2014

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 505

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions, allows remote malicious users to obtain sensitive information via a request to Admin/top.aspx.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ddsn cm3 acora content management system 6.0.6\\/1a
ddsn cm3 acora content management system 6.0.2\\/1a
ddsn cm3 acora content management system 5.5.7\\/12b
ddsn cm3 acora content management system 5.5.0\\/1b-p1

source: wwwsecurityfocuscom/bid/62010/info cm3 Acora CMS is prone to an information-disclosure vulnerability Successful exploits of this issue lead to disclosure of sensitive information which may aid in launching further attacks wwwexamplecom/AcoraCMS/Admin/topaspx <input type="hidden" name="__VIEWSTATE" id="__VIEWSTAT ...

CM3 AcoraCMS versions 606/1a, 602/1a, 557/12b, and 550/1b-p1 suffer from cross site request forgery, cross site scripting, information disclosure, weak cookies, and URL redirection vulnerabilities ...

CWE-200 http://www.digitalsec.net/stuff/explt+advs/CM3.AcoraCMS.v6.txt http://osvdb.org/96666 https://nvd.nist.gov https://www.exploit-db.com/exploits/38740/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2013-4727

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect