NVD

Id
14981  
Name
CVE-2010-3603  
Description
Cross-site request forgery (CSRF) vulnerability in the file manager service (Services/FileService.ashx) in mojoPortal 2.3.4.3 and 2.3.5.1 allows remote attackers to hijack the authentication of administrators for requests that rename arbitrary files, as demonstrated by causing the user.config file to be moved, leading to a denial of service (service stop) and possibly the exposure of sensitive information.  
Reject
 
CVSS Version
2  
CVSS Score
6.8  
Severity
Medium  
CVSS Base Score
6.8  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-18  
Published
2010-09-24  
Modified Date
2010-09-27  
Seq
2010-3603  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
83309 14981 CVE-2010-3603 http://packetstormsecurity.org/1009-advisories/moaub16-mojoportal.pdf  View
83310 14981 CVE-2010-3603 http://packetstormsecurity.org/1009-exploits/moaub-mojoportal.txt  View
83311 14981 CVE-2010-3603 15018  View
83312 14981 CVE-2010-3603 http://www.mojoportal.com/mojoportal-2352-released.aspx  View
83313 14981 CVE-2010-3603 mojoportal-fileservice-csrf(61834)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
37407 JVNDB-2010-003192 mojoPortal の ファイルマネージャサービスにおけるクロスサイトリクエストフォージェリの脆弱性 mojoPortal の ファイルマネージャサービス (Services/FileService.ashx) には、クロスサイトリクエストフォージェリの脆弱性が存在します。 CVE-2010-3603 46183 CVE-2010-3603 14981 6.8 http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-003192.html 2010-09-24 2012-03-27 View