Vulnerabilities > 11In1

DATE CVE VULNERABILITY TITLE RISK
2012-02-24 CVE-2012-0997 Cross-Site Request Forgery (CSRF) vulnerability in 11In1 1.2.1
Cross-site request forgery (CSRF) vulnerability in admin/index.php in 11in1 1.2.1 stable 12-31-2011 allows remote attackers to hijack the authentication of administrators for requests that add new topics via an addTopic action.
network
11in1 CWE-352
6.8
6.8
2012-02-24 CVE-2012-0996 Path Traversal vulnerability in 11In1 1.2.1
Multiple directory traversal vulnerabilities in 11in1 1.2.1 stable 12-31-2011 allow remote attackers to read arbitrary files via a ..
network
low complexity
11in1 CWE-22
5.0
5.0