Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-1227


Vulnerability Score 6.8 6.8
CVE Id CVE-2012-1227
Last Modified 24 Feb 2012 12:00:00
Published 21 Feb 2012 08:31:47
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



Multiple cross-site request forgery (CSRF) vulnerabilities in admin.php in pluck 4.7 allow remote attackers to hijack the authentication of admins for requests that (1) modify the admin email address or (2) modify the blog title via a settings action; (3) add a page via an editpage action, or (4) add a categorie via the blog module.

Vulnerable Systems


  • Pluck-cms Pluck 4.7


EXPLOIT-DB - 18474

SECUNIA - 47934

OSVDB - 79005

Last Updated: 27 May 2016 10:58:18