Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:GHSA-RC94-7V55-WMG6
HistoryMay 14, 2022 - 2:01 a.m.

Subrion CMS CSRF Vulnerability

2022-05-1402:01:19
Google
osv.dev
10
subrion cms
csrf
vulnerability
logic error
detect csrf
code
attack
query parameter
software

EPSS

0.001

Percentile

19.4%

JSON

There are CSRF vulnerabilities in Subrion CMS 4.1.x through 4.1.5, and before 4.2.0, because of a logic error. Although there is functionality to detect CSRF, it is called too late in the ia.core.php code, allowing (for example) an attack against the query parameter to panel/database.

Related

cvelist 1
nvd 1
prion 1
cve 1
osv 1
github 1
cvelist
cvelist
CVE-2017-15063
2017-10-06 07:00:00
nvd
nvd
CVE-2017-15063
2017-10-06 07:29:00
prion
prion
Cross site request forgery (csrf)
2017-10-06 07:29:00
cve
cve
CVE-2017-15063
2017-10-06 07:29:00
osv
osv
CVE-2017-15063
2017-10-06 07:29:00
github
github
Subrion CMS CSRF Vulnerability
2022-05-14 02:01:19

EPSS

0.001

Percentile

19.4%

JSON
Related for OSV:GHSA-RC94-7V55-WMG6
cvelist1nvd1prion1cve1osv1github1