CVE-2015-6827

EUVD-2015-6764
Cross-site request forgery (CSRF) vulnerability in Auto-Exchanger 5.1.0 allows remote attackers to hijack the authentication of users for requests that change a password via a request to signup.php.
CSRF
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 44%
Affected Products (NVD)
VendorProductVersion
auto-exchangerauto-exchanger
5.1.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://packetstormsecurity.com/files/133498/Autoexchanger-5.1.0-Cross-Site-Request-Forgery.html
https://www.exploit-db.com/exploits/38119/
http://packetstormsecurity.com/files/133498/Autoexchanger-5.1.0-Cross-Site-Request-Forgery.html
https://www.exploit-db.com/exploits/38119/