CVE-2009-3022

6.5 MEDIUM

Published: August 31, 2009 Modified: April 23, 2026

Description

Cross-site request forgery (CSRF) vulnerability in bingo!CMS 1.2 and earlier allows remote attackers to hijack the authentication of other users for requests that modify configuration or change content via unspecified vectors.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

CVSS v3.x Details

0.0 Low Medium High Critical 10.0

Vector String

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://jvn.jp/en/jp/JVN68640473/index.html

Source: cve@mitre.org

Third Party Advisory

http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000058.html

Source: cve@mitre.org

Third Party Advisory VDB Entry

http://osvdb.org/57425

Source: cve@mitre.org

Broken Link

http://secunia.com/advisories/36458

Source: cve@mitre.org

Broken Link Vendor Advisory

http://www.bingo-cms.jp/security/jvn68640473.html

Source: cve@mitre.org

Broken Link Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/52838

Source: cve@mitre.org

Third Party Advisory VDB Entry

http://jvn.jp/en/jp/JVN68640473/index.html