CVE-2012-1897

NONECVSS 0.0

0.0

Multiple cross-site request forgery (CSRF) vulnerabilities in Wolf CMS 0.75 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) delete users via the user id number to admin/user/delete; (2) delete pages via the page id number to admin/page/delete; delete the (3) images or (4) themes directory via the directory name to admin/plugin/file_manager/delete, and possibly other directories; or (5) logout the user via a request to admin/login/logout.

🔗 References (8)

cve@mitrehttp://packetstormsecurity.org/files/111116/Wolfcms-0.75-Cross-Site-Request-Forgery-Cross-Site-Scripting.html
cve@mitrehttp://secunia.com/advisories/48520
cve@mitrehttp://www.webapp-security.com/2012/03/wolfcms/
cve@mitrehttp://www.webapp-security.com/wp-content/uploads/2012/03/Wolfcms-0.75-Multiple-Vulnerabilities-CSRF-XSS.txt
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.org/files/111116/Wolfcms-0.75-Cross-Site-Request-Forgery-Cross-Site-Scripting.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/48520
af854a3a-2127-422b-91ae-364da2661108http://www.webapp-security.com/2012/03/wolfcms/
af854a3a-2127-422b-91ae-364da2661108http://www.webapp-security.com/wp-content/uploads/2012/03/Wolfcms-0.75-Multiple-Vulnerabilities-CSRF-XSS.txt

Is Your Infrastructure Affected by CVE-2012-1897?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2012-1897

📅 Published

🔄 Last Modified

🔗 References (8)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2012-1897?