CVE-2018-7216

Published: 18/02/2018 Updated: 16/03/2018

CVSS v2 Base Score: 6 | Impact Score: 6.4 | Exploitability Score: 6.8

CVSS v3 Base Score: 8 | Impact Score: 5.9 | Exploitability Score: 2.1

VMScore: 605

Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P

Cross-site request forgery (CSRF) vulnerability in esop/toolkit/profile/regData.do in Bravo Tejari Procurement Portal allows remote authenticated users to hijack the authentication of application users for requests that modify their personal data by leveraging lack of anti-CSRF tokens.

Vulnerable Product	Search on Vulmon	Subscribe to Product
tejari bravo solution -

Exploit Title: Bravo Tejari Web Portal-CSRF CVE-ID: CVE-2018-7216 Vulnerability Type: Cross Site Request Forgery (CSRF) Vendor of Product: Tejari Affected Product Code Base: Bravo Solution Affected Component: Web Interface Management Attack Type: Local - Authenticated Impact: Unauthorised Access Category: WebApps Author: Arvind V Author Social: @ ...

Bravo Tejari Web Portal suffers from a cross site request forgery vulnerability ...

CWE-352 https://www.securityfocus.com/archive/1/541782/30/0/threaded https://packetstormsecurity.com/files/146409/Tejari-Cross-Site-Request-Forgery.html http://seclists.org/fulldisclosure/2018/Feb/44 https://www.exploit-db.com/exploits/44256/https://nvd.nist.gov https://www.exploit-db.com/exploits/44256/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2018-7216

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect