CVE-2020-5615

Cross-site request forgery (CSRF) vulnerability in [Calendar01] free edition ver1.0.0 and [Calendar02] free edition ver1.0.0 allows remote attackers to hijack the authentication of administrators via unspecified vectors.
References
Link Resource
https://www.php-factory.net/calendar/02.php Product Third Party Advisory
https://www.php-factory.net/calendar/01.php Product Third Party Advisory
https://jvn.jp/en/jp/JVN73169744/index.html Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:calendar01_project:calendar01:1.0.0:*:*:*:free:*:*:*
cpe:2.3:a:calendar02_project:calendar02:1.0.0:*:*:*:free:*:*:*

Information

Published : 2020-08-03 19:15

Updated : 2020-08-06 13:40


NVD link : CVE-2020-5615

Mitre link : CVE-2020-5615


JSON object : View

CWE
CWE-352

Cross-Site Request Forgery (CSRF)

Advertisement

dedicated server usa

Products Affected

calendar01_project

  • calendar01

calendar02_project

  • calendar02