[Forgot Password]
Login  Register Subscribe

23631

 
 

126941

 
 

98250

 
 

909

 
 

79281

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2008-5400

Date: (C)2008-12-10   (M)2017-08-08 


Multiple cross-site request forgery (CSRF) vulnerabilities in mvnForum before 1.2.1 GA allow remote attackers to (1) create forums, (2) change account privileges, (3) enable accounts, or (4) disable accounts as a product administrator via unspecified vectors, possibly related to HTTP Referer headers.

CVSS Score: 6.8Access Vector: NETWORK
Exploit Score: 8.6Access Complexity: MEDIUM
Impact Score: 6.4Authentication: NONE
 Confidentiality: PARTIAL
 Integrity: PARTIAL
 Availability: PARTIAL





Reference:
http://www.securityfocus.com/archive/1/archive/1/498872/100/0/threaded
SECUNIA-32931
SREASON-4699
OSVDB-50404
http://security.bkis.vn/?p=286
http://www.mvnforum.com/mvnforum/viewthread_thread
4361
mvnforum-unspecified-csrf(47027)

CWE    1
CWE-352

© 2013 SecPod Technologies