CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-8081

Poor cryptographic salt initialization in admin/inc/template_functions.php in GetSimple CMS 3.3.13 allows a network attacker to escalate privileges to an arbitrary user or conduct CSRF attacks via calculation of a session cookie or CSRF nonce.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 56.8%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.8

References

https://github.com/GetSimpleCMS/GetSimpleCMS/issues/1224
https://github.com/GetSimpleCMS/GetSimpleCMS/issues/1224

Products affected by CVE-2017-8081

Cagintranetworks » Getsimple Cms » Version: 3.3.13_

cpe:2.3:a:cagintranetworks:getsimple_cms:3.3.13_

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-8081

Products

Pricing

Contact Us