cpe:/a:campusvirtualcomputrade:campus_virtual-lms CVE-2009-2150 2009-06-22T10:30:00.390-04:00 2017-09-28T21:34:44.747-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2009-06-23T08:49:00.000-04:00 EXPLOIT-DB 8937 Multiple cross-site request forgery (CSRF) vulnerabilities in Campus Virtual-LMS allow (1) remote attackers to hijack the authentication of arbitrary users for requests that terminate a session via login/logout.php, and might allow remote attackers to hijack the authentication of certain users via a (2) ADD or (3) DELETE action to enrolments/step2.php.