5

CVE-2004-2364

Exploit
Cross-site request forgery (CSRF) vulnerability in PHPX 3.0 through 3.2.6 allows remote attackers to execute arbitrary commands via URLs that are automatically executed on behalf of the administrator, as demonstrated using (1) admin/page.php, (2) admin/news.php, (3) admin/user.php, (4) admin/images.php, (5) admin/page.php, or (6) admin/forums.php.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
PhpxPhpx Version3.0.0
PhpxPhpx Version3.0.1
PhpxPhpx Version3.0.2
PhpxPhpx Version3.0.3
PhpxPhpx Version3.0.4
PhpxPhpx Version3.0.5
PhpxPhpx Version3.0.6
PhpxPhpx Version3.0.7
PhpxPhpx Version3.1.0
PhpxPhpx Version3.1.1
PhpxPhpx Version3.1.2
PhpxPhpx Version3.1.3
PhpxPhpx Version3.1.4
PhpxPhpx Version3.2.0
PhpxPhpx Version3.2.1
PhpxPhpx Version3.2.2
PhpxPhpx Version3.2.3
PhpxPhpx Version3.2.4
PhpxPhpx Version3.2.5
PhpxPhpx Version3.2.6
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 10.71% 0.952
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/11554
http://securitytracker.com/id?1010061
http://www.phpx.org/project.php?action=view&project_id=1
Patch
URL Repurposed
http://www.securityfocus.com/archive/1/362230
Vendor Advisory
Exploit
http://www.osvdb.org/5907
http://www.osvdb.org/5908
http://www.osvdb.org/5909
http://www.osvdb.org/5910
http://www.osvdb.org/5911
http://www.securityfocus.com/bid/10284
Patch
Exploit