
Vulnerability Details: CVE-2012-5891

Multiple cross-site request forgery (CSRF) vulnerabilities in photo/pass.php in DAlbum 1.44 build 174 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) add a user via an add action, (2) change user passwords via a change action, or (3) delete a user via a delete action.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 40.9%
CVSS Severity
CVSS v2 Score 6.8
Products affected by CVE-2012-5891
  • Dalbum » Dalbum » Version: 1.03
    cpe:2.3:a:dalbum:dalbum:1.03
  • Dalbum » Dalbum » Version: 1.04
    cpe:2.3:a:dalbum:dalbum:1.04
  • Dalbum » Dalbum » Version: 1.05
    cpe:2.3:a:dalbum:dalbum:1.05
  • Dalbum » Dalbum » Version: 1.06
    cpe:2.3:a:dalbum:dalbum:1.06
  • Dalbum » Dalbum » Version: 1.07
    cpe:2.3:a:dalbum:dalbum:1.07
  • Dalbum » Dalbum » Version: 1.08
    cpe:2.3:a:dalbum:dalbum:1.08
  • Dalbum » Dalbum » Version: 1.09
    cpe:2.3:a:dalbum:dalbum:1.09
  • Dalbum » Dalbum » Version: 1.10
    cpe:2.3:a:dalbum:dalbum:1.10
  • Dalbum » Dalbum » Version: 1.20
    cpe:2.3:a:dalbum:dalbum:1.20
  • Dalbum » Dalbum » Version: 1.21
    cpe:2.3:a:dalbum:dalbum:1.21
  • Dalbum » Dalbum » Version: 1.22
    cpe:2.3:a:dalbum:dalbum:1.22
  • Dalbum » Dalbum » Version: 1.3
    cpe:2.3:a:dalbum:dalbum:1.3
  • Dalbum » Dalbum » Version: 1.31
    cpe:2.3:a:dalbum:dalbum:1.31
  • Dalbum » Dalbum » Version: 1.32
    cpe:2.3:a:dalbum:dalbum:1.32
  • Dalbum » Dalbum » Version: 1.33
    cpe:2.3:a:dalbum:dalbum:1.33
  • Dalbum » Dalbum » Version: 1.34
    cpe:2.3:a:dalbum:dalbum:1.34
  • Dalbum » Dalbum » Version: 1.35
    cpe:2.3:a:dalbum:dalbum:1.35
  • Dalbum » Dalbum » Version: 1.44
    cpe:2.3:a:dalbum:dalbum:1.44

