CVE-2012-5005

VR GPub 4.0 - CSRF

Title source: llm

Description

Cross-site request forgery (CSRF) vulnerability in admin/admin_options.php in VR GPub 4.0 allows remote attackers to hijack the authentication of admins for requests that add admin accounts via an add action.

Exploits (1)

exploitdb WORKING POC

by Cyber-Crystal · htmlwebappsphp

https://www.exploit-db.com/exploits/18418

View Code ZIP pw:eip

References (3)

[Vendor Advisory] http://secunia.com/advisories/47729

[Exploit] http://www.exploit-db.com/exploits/18418

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/72745

Scores

EPSS 0.0017

EPSS Percentile 38.2%

Details

CWE

CWE-352

Status published

Products (1)

frankdeveloper/vr_gpub 4.0

Published Sep 19, 2012

Tracked Since Feb 18, 2026