|
|
CVE Reference: CVE-2008-5400 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2008-5400 |
|
|
Description: Multiple cross-site request forgery (CSRF) vulnerabilities in mvnForum before 1.2.1 GA allow remote attackers to (1) create forums, (2) change account privileges, (3) enable accounts, or (4) disable accounts as a product administrator via unspecified vectors, possibly related to HTTP Referer headers. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/47027 SREASON http://securityreason.com/securityalert/4699 SAID Secunia Advisory: SA32931 OSVDB 50404 MISC http://security.bkis.vn/?p=286 FULLDISC http://archives.neohapsis.com/archives/fulldisclosure/2008-12/0061.html CONFIRM http://www.mvnforum.com/mvnforum/viewthread_thread,4361 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/498872/100/0/threaded |
|
| Return to the previous page. |
