Vulnerability CVE-2006-3272


Published: 2006-06-28   Modified: 2012-02-12

Description:
Cross-site request forgery (CSRF) vulnerability in menu.php in Some Chess 1.5 rc2 allows remote attackers to conduct actions as another user, such as changing usernames and passwords, via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained from third party information.

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:P/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
Partial
None
Affected software
Astrodog press -> Some chess 

 References:
http://xforce.iss.net/xforce/xfdb/27307
http://secunia.com/advisories/20770

Copyright 2021, cxsecurity.com

 

Back to Top