CVE-2012-0286

Stoneware webNetwork <6.0.8.0 - CSRF

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-0286. PoCs published by Jacob Holcomb.

AI-analyzed exploit summary This document is a vulnerability assessment report detailing CVE-2012-0286 (CSRF) and CVE-2012-0285 (XSS) in Stoneware WebNetwork6. It includes technical descriptions, exploitation examples, and mitigation recommendations.

Description

Cross-site request forgery (CSRF) vulnerability in Stoneware webNetwork before 6.0.8.0 allows remote attackers to hijack the authentication of unspecified victims for requests that modify user accounts.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Jacob Holcomb · textwebappsjsp
https://www.exploit-db.com/exploits/18416

This document is a vulnerability assessment report detailing CVE-2012-0286 (CSRF) and CVE-2012-0285 (XSS) in Stoneware WebNetwork6. It includes technical descriptions, exploitation examples, and mitigation recommendations.

Classification
Writeup 90%
Attack Type
Xss | Csrf
Complexity
Moderate
Reliability
Reliable
Target: Stoneware WebNetwork6
Auth required
Prerequisites: User must be logged in for CSRF · User input fields must be accessible for XSS
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Vendor Advisory x_refsource_confirm
http://www.stone-ware.com/swql.jsp?kb=d1960

Scores

EPSS 0.0101
EPSS Percentile 58.7%

Details

CWE
CWE-352
Status published
Products (2)
stone-ware/webnetwork 6.0.5.0
stone-ware/webnetwork < 6.0.7.0
Published Jan 24, 2012
Tracked Since Feb 18, 2026