Описание
Cross-site request forgery (CSRF) vulnerability in PHPX 3.0 through 3.2.6 allows remote attackers to execute arbitrary commands via URLs that are automatically executed on behalf of the administrator, as demonstrated using (1) admin/page.php, (2) admin/news.php, (3) admin/user.php, (4) admin/images.php, (5) admin/page.php, or (6) admin/forums.php.
Cross-site request forgery (CSRF) vulnerability in PHPX 3.0 through 3.2.6 allows remote attackers to execute arbitrary commands via URLs that are automatically executed on behalf of the administrator, as demonstrated using (1) admin/page.php, (2) admin/news.php, (3) admin/user.php, (4) admin/images.php, (5) admin/page.php, or (6) admin/forums.php.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2004-2364
- http://secunia.com/advisories/11554
- http://securitytracker.com/id?1010061
- http://www.osvdb.org/5907
- http://www.osvdb.org/5908
- http://www.osvdb.org/5909
- http://www.osvdb.org/5910
- http://www.osvdb.org/5911
- http://www.phpx.org/project.php?action=view&project_id=1
- http://www.securityfocus.com/archive/1/362230
- http://www.securityfocus.com/bid/10284
EPSS
CVE ID
Связанные уязвимости
Cross-site request forgery (CSRF) vulnerability in PHPX 3.0 through 3.2.6 allows remote attackers to execute arbitrary commands via URLs that are automatically executed on behalf of the administrator, as demonstrated using (1) admin/page.php, (2) admin/news.php, (3) admin/user.php, (4) admin/images.php, (5) admin/page.php, or (6) admin/forums.php.
EPSS