CVEブラウザに戻る

CVE-2008-3736

MEDIUM

6.0

CVSS Severity Score

EPSS Score0.0450%

EPSS Percentile20.95th

Published2008年8月27日

Last Modified2026年4月23日

Vulnerability Description

Multiple cross-site request forgery (CSRF) vulnerabilities in (1) System Consultants La!Cooda WIZ 1.4.0 and earlier and (2) SpaceTag LacoodaST 2.1.3 and earlier allow remote attackers to hijack the authentication of arbitrary users for requests that (a) change passwords or (b) change configurations.

Affected Platforms (CPE)

📦

Spacetag

Lacoodast

<= 2.1.3

📦

System Consultants

La Cooda Wiz

<= 1.4.0

References & Advisories

🔗 http://jvn.jp/en/jp/JVN83428818/index.html

🔗 http://secunia.com/advisories/31574

🔗 http://secunia.com/advisories/31582

🔗 http://wiz.syscon.co.jp/Details.htm

🔗 http://www.securityfocus.com/bid/30791

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/44592

🔗 http://jvn.jp/en/jp/JVN83428818/index.html

🔗 http://secunia.com/advisories/31574

関連する脆弱性情報

CVE-2008-373710.0

Unspecified vulnerability in (1) System Consultants La!Cooda WIZ 1.4.0 and earlier and (2) SpaceTag LacoodaST 2.1.3 and earlier al...

CVE-2008-37389.1

Session fixation vulnerability in SpaceTag LacoodaST 2.1.3 and earlier allows remote attackers to hijack web sessions via unspecif...

CVE-2008-37394.3

Cross-site scripting (XSS) vulnerability in (1) System Consultants La!Cooda WIZ 1.4.0 and earlier and (2) SpaceTag LacoodaST 2.1.3...

CVE-2008-461510.0

Unspecified vulnerability in i_utils.asp in PortalApp before 4.01a has unknown impact and attack vectors.

CVE-2008-3736 Detail & Impact Analysis | CVSS 6.0 (MEDIUM) | Cyber-Sec.Space | Cyber-Sec.Space