Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2010-5285

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2010-5285
Last Modified 28 Nov 2012 11:27:10
Published 26 Nov 2012 06:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2010-5285

Summary

Cross-site request forgery (CSRF) vulnerability in admin.php in Collabtive 0.6.5 allows remote attackers to hijack the authentication of administrators for requests that add administrative users via the edituser action.

Vulnerable Systems

Application

  • O-dyn Collabtive 0.6.5


References

BID - 44050

EXPLOIT-DB - 15240

MISC - http://www.anatoliasecurity.com/adv/as-adv-2010-003.txt

SECUNIA - 41805

MISC - http://packetstormsecurity.org/1010-exploits/collabtive-xssxsrf.txt


Last Updated: 27 May 2016 10:49:51