QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2012-1416

Back to search

CVE-2012-1416

Published: Oct 8, 2012

Modified: Aug 6, 2024

PUBLISHED

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in SocialCMS 1.0.2 allow remote attackers to hijack the authentication of administrators for requests that (1) add administrator accounts via a member_new action to my_admin/admin1_members.php or (2) modify the default site title via a save action to my_admin/admin1_configuration.php.

VendorProductVersions

n/a

n/a

affected
n/a

References

44313
third-party-advisory
x_refsource_SECUNIA
71930
vdb-entry
x_refsource_OSVDB
socialcms-multiple-csrf(66985)
vdb-entry
x_refsource_XF
17193
exploit
x_refsource_EXPLOIT-DB
18487
exploit
x_refsource_EXPLOIT-DB

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now