Description
Cross-site request forgery (CSRF) vulnerability in Stoneware webNetwork before 6.0.8.0 allows remote attackers to hijack the authentication of unspecified victims for requests that modify user accounts.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Jacob Holcomb · textwebappsjsp
https://www.exploit-db.com/exploits/18416
References (3)
Core 3
Core References
Various Sources x_refsource_misc
http://infosec42.blogspot.com/2012/01/cve-2012-0285-and-cve-2012-0286.html
Vendor Advisory x_refsource_confirm
http://www.stone-ware.com/support/techdocs/kb/d1960/sb_6_0_8.pdf
Vendor Advisory x_refsource_confirm
http://www.stone-ware.com/swql.jsp?kb=d1960
Scores
EPSS
0.0022
EPSS Percentile
44.8%
Details
CWE
CWE-352
Status
published
Products (2)
stone-ware/webnetwork
6.0.5.0
stone-ware/webnetwork
< 6.0.7.0
Published
Jan 24, 2012
Tracked Since
Feb 18, 2026