CVE-2008-3938

Cross-site request forgery (CSRF) vulnerability in user_admin.php in Open Media Collectors Database (OpenDb) 1.0.6 allows remote attackers to change arbitrary passwords via an update_password action.

Date published : 2008-09-05

http://packetstorm.linuxsecurity.com/0808-exploits/omcd-xssxsrf.txt

http://secunia.com/advisories/31719