CyberSec.Space Logo
返回 CVE 浏览器

CVE-2008-3736

MEDIUM
6.0
CVSS Severity Score
EPSS Score0.0450%
EPSS Percentile20.95th
Published2008年8月27日
Last Modified2026年4月23日

Vulnerability Description

Multiple cross-site request forgery (CSRF) vulnerabilities in (1) System Consultants La!Cooda WIZ 1.4.0 and earlier and (2) SpaceTag LacoodaST 2.1.3 and earlier allow remote attackers to hijack the authentication of arbitrary users for requests that (a) change passwords or (b) change configurations.

Affected Platforms (CPE)

📦
Spacetag

Lacoodast

<= 2.1.3
📦
System Consultants

La Cooda Wiz

<= 1.4.0

References & Advisories

🔗 http://jvn.jp/en/jp/JVN83428818/index.html
🔗 http://secunia.com/advisories/31574
🔗 http://secunia.com/advisories/31582
🔗 http://wiz.syscon.co.jp/Details.htm
🔗 http://www.securityfocus.com/bid/30791
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/44592
🔗 http://jvn.jp/en/jp/JVN83428818/index.html
🔗 http://secunia.com/advisories/31574

相关漏洞威胁

CVE-2008-373710.0

Unspecified vulnerability in (1) System Consultants La!Cooda WIZ 1.4.0 and earlier and (2) SpaceTag LacoodaST 2.1.3 and earlier al...

CVE-2008-37389.1

Session fixation vulnerability in SpaceTag LacoodaST 2.1.3 and earlier allows remote attackers to hijack web sessions via unspecif...

CVE-2008-37394.3

Cross-site scripting (XSS) vulnerability in (1) System Consultants La!Cooda WIZ 1.4.0 and earlier and (2) SpaceTag LacoodaST 2.1.3...

CVE-2008-535310.0

The Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and...