RSS   Podatności dla 'Krisonav'   RSS

2014-05-23
 
CVE-2013-2713

CWE-352
 

 
Cross-site request forgery (CSRF) vulnerability in users_maint.html in KrisonAV CMS before 3.0.2 allows remote attackers to hijack the authentication of administrators for requests that create user accounts via a crafted request.

 
 
CVE-2013-2712

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in services/get_article.php in KrisonAV CMS before 3.0.2 allows remote attackers to inject arbitrary web script or HTML via the content parameter.

 


Copyright 2024, cxsecurity.com

 

Back to Top