{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Cross-site request forgery (CSRF) vulnerability in the Change Group Permissions module in CMS Made Simple 1.7.1 and earlier allows remote attackers to hijack the authentication of arbitrary users for requests that make permission modifications."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2010-10-08T20:00:00.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://security.bkis.com/multiple-vulnerabilities-in-cms-made-simple/"}, {"name": "40031", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/40031"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-3883", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cross-site request forgery (CSRF) vulnerability in the Change Group Permissions module in CMS Made Simple 1.7.1 and earlier allows remote attackers to hijack the authentication of arbitrary users for requests that make permission modifications."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://security.bkis.com/multiple-vulnerabilities-in-cms-made-simple/", "refsource": "MISC", "url": "http://security.bkis.com/multiple-vulnerabilities-in-cms-made-simple/"}, {"name": "40031", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/40031"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T03:26:11.431Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://security.bkis.com/multiple-vulnerabilities-in-cms-made-simple/"}, {"name": "40031", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/40031"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2010-3883", "datePublished": "2010-10-08T20:00:00.000Z", "dateReserved": "2010-10-08T00:00:00.000Z", "dateUpdated": "2024-09-16T23:06:00.139Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:*:*:*:*:*:*:*:*", "matchCriteriaId": "C24B76E0-028C-483E-B779-EBF9C17FB9EB", "versionEndIncluding": "1.7.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.10:*:*:*:*:*:*:*", "matchCriteriaId": "B87A7B4D-FB2C-4896-BF22-76F5D16A995E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.10.3:*:*:*:*:*:*:*", "matchCriteriaId": "4D76634F-6DC4-49CD-8060-21F2ED17F652", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.10.4:*:*:*:*:*:*:*", "matchCriteriaId": "C0FBFCAD-8850-4804-9B2A-566FDDE39685", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.11:*:*:*:*:*:*:*", "matchCriteriaId": "C94DE9A2-E9AA-43BC-8D1F-EFA97722C482", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.11:beta5:*:*:*:*:*:*", "matchCriteriaId": "0B2004E5-1AC3-4EDF-B160-F258769040D0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.11:beta6:*:*:*:*:*:*", "matchCriteriaId": "C097A9F3-96A3-4893-944E-8AF89D37CED1", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.11.1:*:*:*:*:*:*:*", "matchCriteriaId": "0DCBA3A6-3776-470D-BFC7-E4836D2A586F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.11.2:*:*:*:*:*:*:*", "matchCriteriaId": "1C7F327F-CA20-47C1-BF99-AB4A439EAB07", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.12:*:*:*:*:*:*:*", "matchCriteriaId": "04796760-3ED2-4B65-B571-6685916A8130", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.12:beta1:*:*:*:*:*:*", "matchCriteriaId": "6B7A5E24-6619-45E5-8020-3176B53E39C9", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.12:beta2:*:*:*:*:*:*", "matchCriteriaId": "23EC4CE4-70A6-4CF8-8725-B7B811702854", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.12.1:*:*:*:*:*:*:*", "matchCriteriaId": "2B5C6034-A597-41A6-9F1A-F3DAB63DF31C", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.12.2:*:*:*:*:*:*:*", "matchCriteriaId": "9FE3B4A8-9C8A-46D2-A8EB-49FD3533ED3D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.13:beta1:*:*:*:*:*:*", "matchCriteriaId": "146A6076-43F1-44C5-B111-29715C7A21C0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.13:beta2:*:*:*:*:*:*", "matchCriteriaId": "4FCCAF43-71C3-4AC5-A094-9F6F2DE281D1", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.13:beta3:*:*:*:*:*:*", "matchCriteriaId": "71FD39E0-75EE-4735-97B5-2AE12C16B63B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "43F7E5BD-553E-4731-BED1-7E7DB772AD82", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "5CF35F3A-634C-4C36-B3E6-F1208F9D01F8", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "0349FD9D-06E4-4B17-8360-003111D16A22", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0:beta3:*:*:*:*:*:*", "matchCriteriaId": "E2D0D697-D088-40B1-8D80-B881A7530006", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0:beta4:*:*:*:*:*:*", "matchCriteriaId": "7F29A39F-4D8A-4683-8561-8C77B17005F0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0:beta5:*:*:*:*:*:*", "matchCriteriaId": "E6C93E33-ABC4-434F-AF93-F8F697D5D62A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0:beta6:*:*:*:*:*:*", "matchCriteriaId": "36B57E13-2F90-49DD-988F-8A7F776536ED", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "F4BF3B2C-1909-4CCF-A487-6378615D6A4A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "AD2946B5-8AAF-4386-8C31-7D291C31BB7E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "5AB06C16-336C-4D85-84F6-24F079A2B144", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "4FB1C531-AA30-4B89-A8BF-744B053B4983", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "DD0AE7F4-49F8-443A-9C8F-2F1C42F46713", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "0203A997-A077-4A8A-A3FE-CA9D10FF43AC", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "A5AAB099-B114-4A99-B086-9BA7866D4E7C", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "942BF218-1898-4135-9CA9-FAE4F091C883", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "574E610A-4799-45C9-B005-C1593B033AD9", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.1:rc1:*:*:*:*:*:*", "matchCriteriaId": "ACB091A6-5B3A-4C2B-9CD8-3C59549772EE", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.1:rc2:*:*:*:*:*:*", "matchCriteriaId": "ABDA3920-B609-491E-858B-5D9CBC7F1955", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.1:rc3:*:*:*:*:*:*", "matchCriteriaId": "8089FEC3-3E01-4D8E-BACB-6A42781D5151", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "3F3B9680-3A66-4508-A318-B9B348FDC222", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "9BDADD27-8249-4DE3-A2B5-EE1A3AD73F28", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "87178F45-424A-47D8-BEA5-B8371B722CC5", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "49DE10A7-9BC6-4B33-97FC-5FEB44AEAFBD", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "A2FA0450-91E6-4250-A1D1-F2CFBB74A5B3", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.2:beta1:*:*:*:*:*:*", "matchCriteriaId": "6A607317-26A0-431B-AC83-2637CD2C5561", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.2:beta2:*:*:*:*:*:*", "matchCriteriaId": "CD8C48F5-844F-425D-A577-C0D6D3037F76", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.2:beta3:*:*:*:*:*:*", "matchCriteriaId": "29389D5B-96DA-4889-AE13-848CD959414C", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.2:rc1:*:*:*:*:*:*", "matchCriteriaId": "7A575B72-7763-4BA4-A1BF-96B31203479A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "98D93656-A4D2-44C4-82EC-55C8BE1A7304", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "BAEAE47F-5A26-474E-8F7F-72976A8FEBA3", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "E188A80A-980F-4AD8-B3B8-21D303121F35", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "E730A3A8-8A60-4CC5-B167-26984DE0DA3E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "FA19F5B2-7C5C-43DD-85ED-E2CD4EF6E748", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "778E5678-B763-415E-AA35-EF644E7A2CD0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.3:beta1:*:*:*:*:*:*", "matchCriteriaId": "7DEC1EBC-1DBA-4350-8B34-7A872C62B6BC", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.3:beta2:*:*:*:*:*:*", "matchCriteriaId": "078B102C-748B-4847-8413-71659982AF01", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "91C39415-8F99-45FB-BE00-1888901BB4D5", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "8F8649F4-1A33-41AE-888F-2D6BB19BCB6C", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.4:beta1:*:*:*:*:*:*", "matchCriteriaId": "F6D11F61-8D0C-4545-9193-370D6D01ECB1", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.4:beta2:*:*:*:*:*:*", "matchCriteriaId": "60F2A706-CBF1-42F5-AC04-E68C1981CCB2", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "2DC37F28-C58A-4492-A107-4348ECE9AAFA", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "206B72EC-895E-4DA0-B41B-AAE41E53C108", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.5:beta1:*:*:*:*:*:*", "matchCriteriaId": "A46A8B81-2D8D-431A-832A-4517E9616B92", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "CC131029-CE9C-437E-B3D3-7924062E14D1", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "AF34A817-09AC-4C7E-916B-1B158C5EE599", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "20E8FFE1-9431-4146-AFD3-5491F5FE3C23", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "C1016173-D980-4909-86C0-81C94711FE27", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.6:*:*:*:*:*:*:*", "matchCriteriaId": "068BF668-9626-4CA4-A401-1946DCF916AC", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "DA029BD9-1025-4802-BAE2-BEE218715FC2", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "9928102A-27E2-4604-93F4-318BA7CDCAFA", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "F1EECFB4-7001-411F-BBAE-BABD5248E4B6", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "40C6F2FA-0518-4B2A-9F05-51897A16AF6A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "A35145EB-E7A7-48EC-91A9-9D423F316712", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.6.6:*:*:*:*:*:*:*", "matchCriteriaId": "589C199E-12F9-41CF-BFE0-4B952B773460", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.6.7:*:*:*:*:*:*:*", "matchCriteriaId": "7BB9992D-2EF4-4DBF-898A-6284A074403E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.6.8:*:*:*:*:*:*:*", "matchCriteriaId": "B18A2D88-5B3E-4CCF-B979-F7D7A9F7EA1F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.7:*:*:*:*:*:*:*", "matchCriteriaId": "2F14D3BD-5835-4206-BE44-72F31F46D067", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Cross-site request forgery (CSRF) vulnerability in the Change Group Permissions module in CMS Made Simple 1.7.1 and earlier allows remote attackers to hijack the authentication of arbitrary users for requests that make permission modifications."}, {"lang": "es", "value": "Vulnerabilidad de falsificaci\u00f3n de petici\u00f3n en sitios (CSRF) en el modulo de cambio de permisos de grupo en CMS Made Simple v1.7.1 y anteriores permite a atacantes remotos secuestrar la autenticaci\u00f3n de los usuarios de su elecci\u00f3n en las solicitudes que hacen de modificaciones de permiso."}], "id": "CVE-2010-3883", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2010-10-08T21:00:05.503", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/40031"}, {"source": "cve@mitre.org", "url": "http://security.bkis.com/multiple-vulnerabilities-in-cms-made-simple/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/40031"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.bkis.com/multiple-vulnerabilities-in-cms-made-simple/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-352"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}