CVE

Id
47869  
CVE No.
CVE-2010-5285  
Status
Candidate  
Description
Cross-site request forgery (CSRF) vulnerability in admin.php in Collabtive 0.6.5 allows remote attackers to hijack the authentication of administrators for requests that add administrative users via the edituser action.  
Phase
Assigned (20121126)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
520403 47869 CVE-2010-5285 EXPLOIT-DB:15240  View
520404 47869 CVE-2010-5285 URL:http://www.exploit-db.com/exploits/15240  View
520405 47869 CVE-2010-5285 MISC:http://packetstormsecurity.org/1010-exploits/collabtive-xssxsrf.txt  View
520406 47869 CVE-2010-5285 MISC:http://www.anatoliasecurity.com/adv/as-adv-2010-003.txt  View
520407 47869 CVE-2010-5285 BID:44050  View
520408 47869 CVE-2010-5285 URL:http://www.securityfocus.com/bid/44050  View
520409 47869 CVE-2010-5285 SECUNIA:41805  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
39866 JVNDB-2010-005651 IncrediMail の ImSpoolU.dll の INCREDISPOOLERLib.Pop ActiveX コントロールにおけるバッファオーバーフローの脆弱性 IncrediMail の ImSpoolU.dll の INCREDISPOOLERLib.Pop ActiveX コントロール内の Authenticate メソッドには、バッファオーバーフローの脆弱性が存在します。 CVE-2010-5289 47869 5 http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-005651.html  View