Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4877

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2012-4877
Last Modified 17 Sep 2012 12:00:00
Published 06 Sep 2012 05:55:03
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-4877

Summary

Cross-site request forgery (CSRF) vulnerability in controlcenter.php in FlatnuX CMS 2011 08.09.2 and earlier allows remote attackers to hijack the authentication of administrators for requests that add user accounts.

Vulnerable Systems

Application

  • Flatnux 2008-12-11

  • Flatnux 2009-01-27

  • Flatnux 2009-02-04

  • Flatnux 2011-08-09-2


References

XF - flatnux-controlcenter-csrf(74567)

MISC - http://www.vulnerability-lab.com/get_content.php?id=487

BID - 52846

SECUNIA - 48656

MISC - http://packetstormsecurity.org/files/111473/Flatnux-CMS-2011-08.09.2-CSRF-XSS-Directory-Traversal.html

OSVDB - 80878


Last Updated: 27 May 2016 11:00:30