Sign in Subscribe

← All vendors

Vendor

Kan Studio

Products

1

CVEs

1

Across products

1

Status

Private

Products

1

Kandidat CMS
1 CVE

Recent CVEs

1

CVE	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2010-5319		0.00	—	0.00		Jan 3, 2015	Multiple cross-site request forgery (CSRF) vulnerabilities in Kandidat CMS 1.4.2 allow remote attackers to hijack the authentication of administrators for requests that (1) modify settings via a validate action to admin/settings.php, (2) modify pages via the what parameter to admin/edit.php, or (3) modify articles via the edit parameter to admin/news.php.

CVE-2010-5319Jan 3, 2015
risk 0.00cvss —epss 0.00
Multiple cross-site request forgery (CSRF) vulnerabilities in Kandidat CMS 1.4.2 allow remote attackers to hijack the authentication of administrators for requests that (1) modify settings via a validate action to admin/settings.php, (2) modify pages via the what parameter to admin/edit.php, or (3) modify articles via the edit parameter to admin/news.php.