CVE-2010-1542
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2010-1542
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Multiple cross-site request forgery (CSRF) vulnerabilities in admin/configure.php in DFD Cart 1.198, 1.197, and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) conduct cross-site scripting (XSS) attacks or (2) change unspecified settings.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Dragonfrugal DFD Cart 'admin/configure.php'跨站请求伪造漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
DFD Cart的admin/configure.php存在多个跨站请求伪造(CSRF)漏洞,远程攻击者可劫持管理员对(1)跨站脚本攻击(XSS),或(2)变更未明设置请求的认证。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2010-1542
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2010-1542
请登录查看更多情报信息。
- http://holisticinfosec.org/content/view/135/45/x_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2010-1542
Same Patch Batch · n/a · 2010-04-26 · 17 CVEs total
| CVE-2010-1536 | Drupal AddThis Button模块跨站脚本攻击漏洞 | |
| CVE-2010-1537 | PhpCDB'lang_global'多个目录遍历漏洞 | |
| CVE-2010-1538 | Bluestrikeweb phpRAINCHECK 'id' 参数SQL注入漏洞 | |
| CVE-2010-1539 | Drupal Workflow 模块跨站脚本攻击漏洞 | |
| CVE-2010-1540 | Myblog 'com_myblog'组件'task'参数本地文件包含漏洞 | |
| CVE-2010-1541 | Dragonfrugal DFD Cart多个跨站脚本攻击漏洞 | |
| CVE-2010-1543 | eTracker模块URI跨站脚本攻击漏洞 | |
| CVE-2010-1544 | RCA DCM425调制解调器micro_httpd远程拒绝服务漏洞 | |
| CVE-2010-1528 | Uiga Proxy'template.php'PHP远程文件包含漏洞 | |
| CVE-2010-1529 | Freestyle FAQ Lite组件'faqid'参数SQL注入漏洞 | |
| CVE-2010-1530 | Reyero Internationalization模块多个跨站脚本攻击漏洞 | |
| CVE-2010-1531 | Redcomponent redSHOP组件目录遍历漏洞 | |
| CVE-2010-1532 | givesight PowerMail Pro组件目录遍历漏洞 | |
| CVE-2010-1533 | Joomla! TweetLA (com_tweetla)组件目录遍历漏洞 | |
| CVE-2010-1534 | Joomla! Shoutbox Pro (com_shoutbox)组件目录遍历漏洞 | |
| CVE-2010-1535 | Joomla! TRAVELbook (com_travelbook) 组件目录遍历漏洞 |
IV. Related Vulnerabilities
V. Comments for CVE-2010-1542
No comments yet