CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-3994

Cross-site request forgery (CSRF) vulnerability in SKYARC MTCMS before 5.252, and the MultiFileUploader 0.44 and earlier, DuplicateEntry 1.2 and earlier, MailPack 1.741 and earlier, and AutoTagging 0.08 and earlier plugins for Movable Type, allows remote attackers to hijack the authentication of arbitrary users for requests that modify data.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 32.7%

CVSS Severity

CVSS v2 Score 6.8

References

Products affected by CVE-2011-3994

Skyarc » Autotagging » Version: 0.08

cpe:2.3:a:skyarc:autotagging:0.08
Skyarc » Autotagging » Version: 0.1

cpe:2.3:a:skyarc:autotagging:0.1
Skyarc » Duplicateentry » Version: 1.2

cpe:2.3:a:skyarc:duplicateentry:1.2
Skyarc » Mailpack » Version: 1.741

cpe:2.3:a:skyarc:mailpack:1.741
Skyarc » Mailpack » Version: 1.9

cpe:2.3:a:skyarc:mailpack:1.9
Skyarc » Mtcms » Version: 5.2

cpe:2.3:a:skyarc:mtcms:5.2
Skyarc » Mtcms » Version: 5.21

cpe:2.3:a:skyarc:mtcms:5.21
Skyarc » Mtcms » Version: 5.22

cpe:2.3:a:skyarc:mtcms:5.22
Skyarc » Mtcms » Version: 5.23

cpe:2.3:a:skyarc:mtcms:5.23
Skyarc » Mtcms » Version: 5.24

cpe:2.3:a:skyarc:mtcms:5.24
Skyarc » Mtcms » Version: 5.25

cpe:2.3:a:skyarc:mtcms:5.25
Skyarc » Mtcms » Version: 5.251

cpe:2.3:a:skyarc:mtcms:5.251
Skyarc » Mtcms » Version: 5.3

cpe:2.3:a:skyarc:mtcms:5.3
Skyarc » Multifileuploader » Version: 0.44

cpe:2.3:a:skyarc:multifileuploader:0.44

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-3994

Products

Pricing

Contact Us