Max CVSS 6.8 Min CVSS 2.1 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2011-2190 2.1
The generate_admin_password function in Cherokee before 1.2.99 uses time and PID values for seeding of a random number generator, which makes it easier for local users to determine admin passwords via a brute-force attack.
14-05-2012 - 04:00 07-10-2011 - 02:51
CVE-2011-2191 6.8
Cross-site request forgery (CSRF) vulnerability in Cherokee-admin in Cherokee before 1.2.99 allows remote attackers to hijack the authentication of administrators for requests that insert cross-site scripting (XSS) sequences, as demonstrated by a cra
24-11-2011 - 03:58 07-10-2011 - 02:51
Back to Top Mark selected
Back to Top