NVD

Id
7565  
Name
CVE-2011-0503  
Description
Cross-site request forgery (CSRF) vulnerability in VaM Shop 1.6, 1.6.1, and probably earlier versions allows remote attackers to hijack the authentication of administrators for requests that (1) change user status via admin/customers.php or (2) change user permissions via admin/accounting.php. NOTE: some of these details are obtained from third party information.  
Reject
 
CVSS Version
2  
CVSS Score
6.8  
Severity
Medium  
CVSS Base Score
6.8  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-07  
Published
2011-01-20  
Modified Date
2013-08-13  
Seq
2011-0503  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
42680 7565 CVE-2011-0503 15968  View
42681 7565 CVE-2011-0503 http://www.htbridge.ch/advisory/xsrf_csrf_in_vam_shop.html  View
42682 7565 CVE-2011-0503 20110111 XSRF (CSRF) in VaM Shop  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
33905 JVNDB-2011-004147 VaM Shop におけるクロスサイトフォージェリの脆弱性 VaM Shop には、クロスサイトフォージェリの脆弱性が存在します。 CVE-2011-0503 48410 CVE-2011-0503 7565 6.8 http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-004147.html 2011-01-20 2012-03-27 View