CVE-2011-5306
6.8
Vector
AV:N/AC:M/Au:N/C:P/I:P/A:P
Exploitability: 8.6 / Impact: 6.4
Source: NVD
Description
Cross-site request forgery (CSRF) vulnerability in cgi-bin/admin/setup_edit.cgi in CosmoShop ePRO 10.05.00 allows remote attackers to hijack the authentication of administrators for requests that modify settings via a setup action.
Affected (1)
Products: Zaunz Gmbh: Cosmoshop
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 10.05.00 |
References (2)
Timeline
No history available yet.