Chialab Channelweb Bedita vulnerabilities
2 known vulnerabilities affecting chialab_channelweb/bedita.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2010-5315P4MEDIUMCVSS 6.8PoC≤ 3.0.1.2550_\"betula\"2015-01-03
CVE-2010-5315 [MEDIUM] CWE-352 CVE-2010-5315: Multiple cross-site request forgery (CSRF) vulnerabilities in BEdita before 3.1 allow remote attacke
Multiple cross-site request forgery (CSRF) vulnerabilities in BEdita before 3.1 allow remote attackers to hijack the authentication of administrators for requests that (1) create categories via a data array to news/saveCategories or (2) modify credentials via a data array to admin/saveUser.
nvd
CVE-2010-5314P4MEDIUMCVSS 4.3≤ 3.0.1.2550_\"betula\"2015-01-03
CVE-2010-5314 [MEDIUM] CWE-79 CVE-2010-5314: Cross-site scripting (XSS) vulnerability in controllers/home_controller.php in BEdita before 3.1 all
Cross-site scripting (XSS) vulnerability in controllers/home_controller.php in BEdita before 3.1 allows remote attackers to inject arbitrary web script or HTML via the searchstring parameter to news/index.
nvd