Cross-Site Request Forgery Vulnerability in eXtplorer by eXtplorer
CVE-2012-3362

Currently unrated

Key Information:

Vendor: Extplorer
Status: Extplorer
Vendor: CVE Published:; 12 July 2012

What is CVE-2012-3362?

A Cross-Site Request Forgery (CSRF) vulnerability exists in eXtplorer versions 2.1 RC3 and earlier, which could enable remote attackers to exploit the authentication of administrators. Specifically, this flaw could allow attackers to send unauthorized requests on behalf of an admin, leading to the potential addition of unauthorized administrator accounts through the 'adduser admin' action. This can severely compromise the integrity and security of the application, as it allows malicious users to gain elevated privileges without legitimate access.

References

http://www.autosectools.com/Advisories/eXtplorer.2.1.RC3_...

x_refsource_MISC

http://www.debian.org/security/2012/dsa-2510

vendor-advisoryx_refsource_DEBIAN

http://www.openwall.com/lists/oss-security/2012/06/25/1

mailing-listx_refsource_MLIST

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 12, 2012
Vulnerability Reserved
Jun 14, 2012

CVE-2012-3362 Data

JSON

Extplorer

What is CVE-2012-3362?

References

Timeline