CVE-2013-3729

by Fred · 13/03/2014

Multiple cross-site request forgery (CSRF) vulnerabilities in Kasseler CMS before 2 r1232 allow remote attackers to hijack the authentication of administrators for requests that conduct SQL injection attacks via the (1) groups[] parameter in a send action in the sendmail module or (2) query parameter in a sql_query action in the database module to admin.php, related to CVE-2013-3727.

Date published : 2014-03-13

http://seclists.org/bugtraq/2013/Jul/26

http://diff.kasseler-cms.net/svn.html

CVE-2013-3729

Similar

Recent Posts

Categories

CVE-2013-3729

Share this:

Similar

Recent Posts

Categories

Tags