Lucene search

[email protected]CVE-2010-4900

HistoryOct 08, 2011 - 10:55 a.m.

CVE-2010-4900

2011-10-0810:55:06

CWE-20

[email protected]

web.nvd.nist.gov

cve-2010-4900

open redirect

cms webmanager-pro

phishing attacks

web security

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

6.9 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

70.4%

JSON

Open redirect vulnerability in c.php in CMS WebManager-Pro 8.1 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter.

Affected configurations

NVD

Node

webmanager-procms_webmanager-proRange≤8.1

webmanager-procms_webmanager-proMatch7.4.3

CPENameOperatorVersion
webmanager-pro:cms_webmanager-prowebmanager-pro cms webmanager-prole8.1
webmanager-pro:cms_webmanager-prowebmanager-pro cms webmanager-proeq7.4.3

CPE	Name	Operator	Version
webmanager-pro:cms_webmanager-pro	webmanager-pro cms webmanager-pro	le	8.1
webmanager-pro:cms_webmanager-pro	webmanager-pro cms webmanager-pro	eq	7.4.3

References

packetstormsecurity.org/1009-exploits/webmanagerpro-sql.txt

securityreason.com/securityalert/8438

websecurity.com.ua/4146/

www.securityfocus.com/archive/1/513485/100/0/threaded

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

6.9 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

70.4%

JSON

Related for CVE-2010-4900

prion1 nvd1 cvelist1