PT-2012-5328 · Alstrasoft · Alstrasoft Site Uptime Enterprise

Published

2012-08-14

Updated

2017-08-29

CVE-2012-4326

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions AlstraSoft Site Uptime Enterprise version 5.4

Description A cross-site request forgery (CSRF) issue exists, allowing remote attackers to hijack the authentication of administrators. This occurs due to a vulnerability in the commonsettings.php file.

Recommendations For version 5.4, update the commonsettings.php file to prevent CSRF attacks, ensuring that proper validation and verification of requests are in place to prevent unauthorized access.

Fix

CSRF

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-352

Related Identifiers

CVE-2012-4326

Affected Products

Alstrasoft Site Uptime Enterprise

PT-2012-5328 · Alstrasoft · Alstrasoft Site Uptime Enterprise

CVE-2012-4326

Weakness Enumeration

Related Identifiers

Affected Products

References · 5