CVE-2019-13071

Published: 10/07/2019 Updated: 09/10/2019

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

CSRF in the Agent/Center component of CyberPower PowerPanel Business Edition 3.4.0 allows an malicious user to submit POST requests to any forms in the web application. This can be exploited by tricking an authenticated user into visiting an attacker controlled web page.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cyberpowersystems powerpanel 3.4.0

PowerPanel Business Edition version 340 is vulnerable to cross site request forgery vulnerability This can be exploited by tricking an authenticated user into visiting a web page controlled by a malicious person ...

# Exploit Title: PowerPanel Business Edition 340 - Cross Site Request Forgery # Date: 7/9/2019 # Exploit Author: Joey Lane # Vendor Homepage: wwwcyberpowersystemscom # Version: 340 # Tested on: Ubuntu 1604 # CVE : CVE-2019-13071 # Reported to vendor on 5/25/2019, no acknowledgement The Agent/Center component of PowerPanel Business ...

CWE-352 http://seclists.org/fulldisclosure/2019/Jul/11 http://packetstormsecurity.com/files/153581/PowerPanel-Business-Edition-3.4.0-Cross-Site-Request-Forgery.html https://nvd.nist.gov http://seclists.org/fulldisclosure/2019/Jul/11

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2019-13071

Vulnerability Summary

Vulnerability Trend

Exploits

Mailing Lists

References

Vulmon Search

About

Products

Connect