CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2012-1631

Cross-site request forgery (CSRF) vulnerability in the Admin:hover module for Drupal allows remote attackers to hijack the authentication of administrators for requests that unpublish all nodes, and possibly other actions, via unspecified vectors.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 38.3%

CVSS Severity

CVSS v2 Score 6.8

References

http://drupal.org/node/1401644
http://drupal.org/node/1407206
http://www.openwall.com/lists/oss-security/2012/04/07/1
http://www.securityfocus.com/bid/51388
https://exchange.xforce.ibmcloud.com/vulnerabilities/72386
http://drupal.org/node/1401644
http://drupal.org/node/1407206
http://www.openwall.com/lists/oss-security/2012/04/07/1
http://www.securityfocus.com/bid/51388
https://exchange.xforce.ibmcloud.com/vulnerabilities/72386

Products affected by CVE-2012-1631

Databasepublish » Admin » Version: hover

cpe:2.3:a:databasepublish:admin:hover
Drupal » Drupal » Version: N/A

cpe:2.3:a:drupal:drupal:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-1631

Products

Pricing

Contact Us