CVE-2009-3022
6.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Summary
Cross-site request forgery (CSRF) vulnerability in bingo!CMS 1.2 and earlier allows remote attackers to hijack the authentication of other users for requests that modify configuration or change content via unspecified vectors.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/52838
- http://osvdb.org/57425
- http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000058.html
- http://www.bingo-cms.jp/security/jvn68640473.html
- http://jvn.jp/en/jp/JVN68640473/index.html
- http://secunia.com/advisories/36458
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/52838
- http://osvdb.org/57425
- http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000058.html
- http://www.bingo-cms.jp/security/jvn68640473.html
- http://jvn.jp/en/jp/JVN68640473/index.html
- http://secunia.com/advisories/36458
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.