CVE

Id
46067  
CVE No.
CVE-2010-3483  
Status
Candidate  
Description
cms_write.php in Primitive CMS 1.0.9 does not properly restrict access, which allows remote attackers to gain administrative privileges via a direct request. NOTE: this vulnerability can be leveraged to conduct cross-site scripting attacks, as demonstrated using the (1) title, (2) content, and (3) menutitle parameters.  
Phase
Assigned (20100922)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
501063 46067 CVE-2010-3483 EXPLOIT-DB:15064  View
501064 46067 CVE-2010-3483 URL:http://www.exploit-db.com/exploits/15064  View
501065 46067 CVE-2010-3483 MISC:http://packetstormsecurity.org/1009-exploits/primitive-sqlxss.txt  View
501066 46067 CVE-2010-3483 SECUNIA:41515  View
501067 46067 CVE-2010-3483 URL:http://secunia.com/advisories/41515  View
501068 46067 CVE-2010-3483 VUPEN:ADV-2010-2458  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
37360 JVNDB-2010-003145 YelloSoft Pinky におけるディレクトリトラバーサルの脆弱性 YelloSoft Pinky には、ディレクトリトラバーサルの脆弱性が存在します。 CVE-2010-3487 46067 5 http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-003145.html  View