Vulnerabilities

CVE-2004-2364

by Fred · 16/08/2005

Cross-site request forgery (CSRF) vulnerability in PHPX 3.0 through 3.2.6 allows remote attackers to execute arbitrary commands via URLs that are automatically executed on behalf of the administrator, as demonstrated using (1) admin/page.php, (2) admin/news.php, (3) admin/user.php, (4) admin/images.php, (5) admin/page.php, or (6) admin/forums.php.

Date published : 2005-08-16

http://www.securityfocus.com/bid/10284

http://www.securityfocus.com/archive/1/362230

Similar

Tags: Cybersecurity Alert