{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-25T02:17:28.226","vulnerabilities":[{"cve":{"id":"CVE-2010-2039","sourceIdentifier":"cve@mitre.org","published":"2010-05-25T14:30:01.783","lastModified":"2026-06-16T23:19:51.967","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site request forgery (CSRF) vulnerability in gpEasy CMS 1.6.2, 1.6.1, and earlier allows remote attackers to hijack the authentication of administrators for requests that create new administrative users via an Admin_Users action to index.php.  NOTE: some of these details are obtained from third party information."},{"lang":"es","value":"Vulnerabilidades de falsificación de petición en sitios cruzados (CSRF) en gpEasy CMS v1.6.2, v1.6.1, y anteriores. Permite a atacantes remotos secuestrar (hijack) la autenticación de administradores para peticiones que crean nuevos usuarios de administración a través de una acción Admin_Users a index.php. NOTA: algunos de estos detalles han sido obtenidos de información procedente de terceras partes."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":true,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gpeasy:gpeasy_cms:*:*:*:*:*:*:*:*","versionEndIncluding":"1.6.2","matchCriteriaId":"E40423B4-2E9C-4E00-BA2E-26426BF3CAB3"},{"vulnerable":true,"criteria":"cpe:2.3:a:gpeasy:gpeasy_cms:1.5:*:*:*:*:*:*:*","matchCriteriaId":"0DF2976A-EBAD-4A71-87C7-58E4311904F8"},{"vulnerable":true,"criteria":"cpe:2.3:a:gpeasy:gpeasy_cms:1.5:rc2:*:*:*:*:*:*","matchCriteriaId":"9F1BC763-BA60-40C2-AC3A-10C817FAE0F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:gpeasy:gpeasy_cms:1.5:rc3:*:*:*:*:*:*","matchCriteriaId":"4000B360-BE2E-429D-9CEC-C0886C679384"},{"vulnerable":true,"criteria":"cpe:2.3:a:gpeasy:gpeasy_cms:1.5:rc4:*:*:*:*:*:*","matchCriteriaId":"0C4F029B-CF0E-41B0-8588-249DF0006922"},{"vulnerable":true,"criteria":"cpe:2.3:a:gpeasy:gpeasy_cms:1.6:*:*:*:*:*:*:*","matchCriteriaId":"71F277EE-C80A-4D9A-BDCB-3075864A762B"},{"vulnerable":true,"criteria":"cpe:2.3:a:gpeasy:gpeasy_cms:1.6:rc1:*:*:*:*:*:*","matchCriteriaId":"DDC0182A-7D10-4ACF-B40D-716FF6967389"},{"vulnerable":true,"criteria":"cpe:2.3:a:gpeasy:gpeasy_cms:1.6:rc2:*:*:*:*:*:*","matchCriteriaId":"142F2215-449B-4615-8897-CCC481E087B4"},{"vulnerable":true,"criteria":"cpe:2.3:a:gpeasy:gpeasy_cms:1.6:rc3:*:*:*:*:*:*","matchCriteriaId":"0BC43ECE-9746-449C-B8F6-6F1BD60E3203"},{"vulnerable":true,"criteria":"cpe:2.3:a:gpeasy:gpeasy_cms:1.6:rc4:*:*:*:*:*:*","matchCriteriaId":"3D4581F3-DDD1-45FC-A875-9D519FCB2D8E"},{"vulnerable":true,"criteria":"cpe:2.3:a:gpeasy:gpeasy_cms:1.6:rc5:*:*:*:*:*:*","matchCriteriaId":"D0C0AD75-8598-4216-8EE1-91BA2D186A5B"},{"vulnerable":true,"criteria":"cpe:2.3:a:gpeasy:gpeasy_cms:1.6.1:*:*:*:*:*:*:*","matchCriteriaId":"53E37F66-20A2-4FEC-8648-E9056AAA7774"},{"vulnerable":true,"criteria":"cpe:2.3:a:gpeasy:gpeasy_cms:1.6.3:*:*:*:*:*:*:*","matchCriteriaId":"50EEA808-5C4B-43FF-8D04-FDE01638FBB5"}]}]}],"references":[{"url":"http://packetstormsecurity.org/1004-exploits/gpeasy-xsrf.txt","source":"cve@mitre.org","tags":["Exploit"]},{"url":"http://secunia.com/advisories/39643","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"http://www.exploit-db.com/exploits/12441","source":"cve@mitre.org","tags":["Exploit"]},{"url":"http://www.osvdb.org/64130","source":"cve@mitre.org"},{"url":"http://www.vupen.com/english/advisories/2010/1030","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/58214","source":"cve@mitre.org"},{"url":"http://packetstormsecurity.org/1004-exploits/gpeasy-xsrf.txt","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"http://secunia.com/advisories/39643","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://www.exploit-db.com/exploits/12441","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"http://www.osvdb.org/64130","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.vupen.com/english/advisories/2010/1030","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/58214","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}