CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-1954

Multiple cross-site request forgery (CSRF) vulnerabilities in Post Revolution 0.8.0c-2 and earlier allow remote attackers to hijack the authentication of arbitrary users for requests to (1) ajax-weblog-guardar.php, (2) verpost.php, (3) comments.php, or (4) perfil.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 50.2%

CVSS Severity

CVSS v2 Score 6.8

References

Products affected by CVE-2011-1954

Postrev » Post Revolution » Version: Any

cpe:2.3:a:postrev:post_revolution:*
Postrev » Post Revolution » Version: 0.6.2

cpe:2.3:a:postrev:post_revolution:0.6.2
Postrev » Post Revolution » Version: 0.6.3

cpe:2.3:a:postrev:post_revolution:0.6.3
Postrev » Post Revolution » Version: 0.6.4

cpe:2.3:a:postrev:post_revolution:0.6.4
Postrev » Post Revolution » Version: 0.6.5

cpe:2.3:a:postrev:post_revolution:0.6.5
Postrev » Post Revolution » Version: 0.6.6

cpe:2.3:a:postrev:post_revolution:0.6.6
Postrev » Post Revolution » Version: 0.7.0

cpe:2.3:a:postrev:post_revolution:0.7.0
Postrev » Post Revolution » Version: 0.8.0

cpe:2.3:a:postrev:post_revolution:0.8.0
Postrev » Post Revolution » Version: 0.8.0b

cpe:2.3:a:postrev:post_revolution:0.8.0b
Postrev » Post Revolution » Version: 0.8.0c

cpe:2.3:a:postrev:post_revolution:0.8.0c

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-1954

Products

Pricing

Contact Us