NVD

Id
85046  
Name
CVE-2017-8101  
Description
There is CSRF in Serendipity 2.0.5, allowing attackers to install any themes via a GET request.  
Reject
 
CVSS Version
2  
CVSS Score
6.8  
Severity
Medium  
CVSS Base Score
6.8  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:P/A:P)  
Pub Date
2017-05-07  
Published
2017-04-24  
Modified Date
2017-04-27  
Seq
2017-8101  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
414566 85046 CVE-2017-6834 [oss-security] 20170313 Re: audiofile: heap-based buffer overflow in ulaw2linear_buf (G711.cpp)  View
414567 85046 CVE-2017-6834 https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-ulaw2linear_buf-g711-cpp/  View
414568 85046 CVE-2017-6834 https://github.com/mpruett/audiofile/issues/38  View
414569 85046 CVE-2017-6834 https://github.com/mpruett/audiofile/pull/42  View
414570 85046 CVE-2017-6834 [oss-security] 20170313 Re: audiofile: heap-based buffer overflow in ulaw2linear_buf (G711.cpp)  View
414571 85046 CVE-2017-6834 https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-ulaw2linear_buf-g711-cpp/  View
414572 85046 CVE-2017-6834 https://github.com/mpruett/audiofile/issues/38  View
414573 85046 CVE-2017-6834 https://github.com/mpruett/audiofile/pull/42  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
66863 JVNDB-2017-003188 Serendipity におけるクロスサイトリクエストフォージェリの脆弱性 Serendipity には、クロスサイトリクエストフォージェリの脆弱性が存在します。 CVE-2017-8101 0 CVE-2017-8101 85046 6.8 8.8 http://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-003188.html 2017-04-09 2017-05-18 View