CVE-2014-2916

2014-05-05T16:07:00
ID CVE-2014-2916
Type cve
Reporter cve@mitre.org
Modified 2015-08-01T01:35:00

Description

Cross-site request forgery (CSRF) vulnerability in the subscription page editor (spageedit) in phpList before 3.0.6 allows remote attackers to hijack the authentication of administrators via a request to admin/.