Description
Cross-site request forgery (CSRF) vulnerability in SAMEDIA LandShop 0.9.2 allows remote attackers to hijack the authentication of administrators for requests that change account settings.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Vulnerability-Lab · textwebappsphp
https://www.exploit-db.com/exploits/18687
References (5)
Core 5
Core References
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/48661
Various Sources x_refsource_misc
http://vulnerability-lab.com/get_content.php?id=485
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/80800
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
http://www.exploit-db.com/exploits/18687
Exploit x_refsource_misc
http://packetstormsecurity.org/files/111415/Landshop-0.9.2-Cross-Site-Scripting-SQL-Injection.html
Scores
EPSS
0.0046
EPSS Percentile
64.3%
Details
CWE
CWE-352
Status
published
Products (1)
samedia/landshop
0.9.2
Published
Nov 17, 2012
Tracked Since
Feb 18, 2026