CVE-2015-5595

Published: 31/12/2019 Updated: 07/01/2020
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 435
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Summary

Cross-site request forgery (CSRF) vulnerability in admin.php in Zenphoto prior to 1.4.9 allows remote malicious users to hijack the authentication of admin users for requests that may cause a denial of service (resource consumption).

Vulnerable Product

zenphoto zenphoto

Exploits

Vulnerability: SQL Injection, Reflected XSS, Path Traversal
Affected Software: ZenPhoto (www.zenphoto.org/)
Affected Version: 1.4.8 (probably also prior versions)
Patched Version: 1.4.9
Risk: Medium
Vendor Contacted: 2015-05-18
Vendor Fix: 2015-07-09
Public Disclosure: 2015-07-10

SQL Injection
=============

There are multiple second orde ...