cpe:/a:phparanoid:phparanoid:0.1 cpe:/a:phparanoid:phparanoid:0.2 cpe:/a:phparanoid:phparanoid:0.3 CVE-2008-5672 2008-12-18T20:52:02.627-05:00 2017-08-07T21:33:27.703-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-12-19T10:27:00.000-05:00 ALLOWS_OTHER_ACCESS SECUNIA 28847 CONFIRM http://sourceforge.net/project/shownotes.php?release_id=575358 XF phparanoid-http-csrf(40518) Multiple cross-site request forgery (CSRF) vulnerabilities in PHParanoid before 0.4 allow remote attackers to hijack the authentication of arbitrary users for requests that use (1) admin.php or (2) private messages.