Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
685
VMScore

CVE-2018-7746

Published: 07/03/2018 Updated: 09/09/2021
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 685
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Razor

Vulnerability Summary

An issue exists in Western Bridge Cobub Razor 0.7.2. Authentication is not required for /index.php?/manage/channel/modifychannel. For example, with a crafted channel name, stored XSS is triggered during a later /index.php?/manage/channel request by an admin.

Vulnerable Product Search on Vulmon Subscribe to Product

cobub razor 0.7.2

Exploits

Exploit DB: Cobub Razor 0.7.2 - Cross-Site Request Forgery
# Exploit Title: Cobub Razor 072 Cross Site Request Forgery # Date: 2018-03-07 # Exploit Author: ppb # Vendor Homepage: githubcom/cobub/razor/ # Software Link: githubcom/cobub/razor/ # Version: 072 # CVE : CVE-2018-7746 There is a vulnerability Authentication is not required for /indexphp?/manage/channel/modifychannel For e ...
Exploit DB: Cobub Razor 0.7.2 Cross Site Request Forgery
Cobub Razor version 072 suffers from a cross site request forgery vulnerability ...

References

CWE-352CWE-79https://github.com/cobub/razor/issues/161https://www.exploit-db.com/exploits/44416/https://nvd.nist.govhttps://www.exploit-db.com/exploits/44416/
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
race conditionCVE-2024-4249CVE-2024-4244CVE-2023-20198TCPCVE-2022-48648CVE-2022-48636CVE-2024-21345SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook