Vulnerability Details CVE-2015-2954
Cross-site request forgery (CSRF) vulnerability in Igreks MilkyStep Light 0.94 and earlier and Professional 1.82 and earlier allows remote attackers to hijack the authentication of arbitrary users.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 35.2%
CVSS Severity
CVSS v2 Score 6.8
References
- http://jvn.jp/en/jp/JVN12241436/995646/index.html
- http://jvn.jp/en/jp/JVN12241436/index.html
- http://jvndb.jvn.jp/jvndb/JVNDB-2015-000079
- http://www.securityfocus.com/bid/75072
- http://jvn.jp/en/jp/JVN12241436/995646/index.html
- http://jvn.jp/en/jp/JVN12241436/index.html
- http://jvndb.jvn.jp/jvndb/JVNDB-2015-000079
- http://www.securityfocus.com/bid/75072
Products affected by CVE-2015-2954
-
cpe:2.3:a:igreks:milkystep_light:0.75
-
cpe:2.3:a:igreks:milkystep_light:0.76
-
cpe:2.3:a:igreks:milkystep_light:0.77
-
cpe:2.3:a:igreks:milkystep_light:0.78
-
cpe:2.3:a:igreks:milkystep_light:0.79
-
cpe:2.3:a:igreks:milkystep_light:0.80
-
cpe:2.3:a:igreks:milkystep_light:0.81
-
cpe:2.3:a:igreks:milkystep_light:0.90
-
cpe:2.3:a:igreks:milkystep_light:0.91
-
cpe:2.3:a:igreks:milkystep_light:0.92
-
cpe:2.3:a:igreks:milkystep_light:0.93
-
cpe:2.3:a:igreks:milkystep_light:0.94
-
cpe:2.3:a:igreks:milkystep_professional:1.10
-
cpe:2.3:a:igreks:milkystep_professional:1.11
-
cpe:2.3:a:igreks:milkystep_professional:1.12
-
cpe:2.3:a:igreks:milkystep_professional:1.13
-
cpe:2.3:a:igreks:milkystep_professional:1.14
-
cpe:2.3:a:igreks:milkystep_professional:1.20
-
cpe:2.3:a:igreks:milkystep_professional:1.21
-
cpe:2.3:a:igreks:milkystep_professional:1.22
-
cpe:2.3:a:igreks:milkystep_professional:1.23
-
cpe:2.3:a:igreks:milkystep_professional:1.24
-
cpe:2.3:a:igreks:milkystep_professional:1.31
-
cpe:2.3:a:igreks:milkystep_professional:1.32
-
cpe:2.3:a:igreks:milkystep_professional:1.40
-
cpe:2.3:a:igreks:milkystep_professional:1.41
-
cpe:2.3:a:igreks:milkystep_professional:1.42
-
cpe:2.3:a:igreks:milkystep_professional:1.43
-
cpe:2.3:a:igreks:milkystep_professional:1.44
-
cpe:2.3:a:igreks:milkystep_professional:1.50
-
cpe:2.3:a:igreks:milkystep_professional:1.51
-
cpe:2.3:a:igreks:milkystep_professional:1.52
-
cpe:2.3:a:igreks:milkystep_professional:1.53
-
cpe:2.3:a:igreks:milkystep_professional:1.54
-
cpe:2.3:a:igreks:milkystep_professional:1.55
-
cpe:2.3:a:igreks:milkystep_professional:1.56
-
cpe:2.3:a:igreks:milkystep_professional:1.57
-
cpe:2.3:a:igreks:milkystep_professional:1.58
-
cpe:2.3:a:igreks:milkystep_professional:1.59
-
cpe:2.3:a:igreks:milkystep_professional:1.60
-
cpe:2.3:a:igreks:milkystep_professional:1.61
-
cpe:2.3:a:igreks:milkystep_professional:1.62
-
cpe:2.3:a:igreks:milkystep_professional:1.63
-
cpe:2.3:a:igreks:milkystep_professional:1.64
-
cpe:2.3:a:igreks:milkystep_professional:1.65
-
cpe:2.3:a:igreks:milkystep_professional:1.66
-
cpe:2.3:a:igreks:milkystep_professional:1.67
-
cpe:2.3:a:igreks:milkystep_professional:1.68
-
cpe:2.3:a:igreks:milkystep_professional:1.69
-
cpe:2.3:a:igreks:milkystep_professional:1.70
-
cpe:2.3:a:igreks:milkystep_professional:1.71
-
cpe:2.3:a:igreks:milkystep_professional:1.72
-
cpe:2.3:a:igreks:milkystep_professional:1.73
-
cpe:2.3:a:igreks:milkystep_professional:1.74
-
cpe:2.3:a:igreks:milkystep_professional:1.75
-
cpe:2.3:a:igreks:milkystep_professional:1.76
-
cpe:2.3:a:igreks:milkystep_professional:1.77
-
cpe:2.3:a:igreks:milkystep_professional:1.78
-
cpe:2.3:a:igreks:milkystep_professional:1.79
-
cpe:2.3:a:igreks:milkystep_professional:1.80
-
cpe:2.3:a:igreks:milkystep_professional:1.82
-
cpe:2.3:a:igreks:milkystep_professional_oem:1.82