Cross site request forgery (csrf)

2007-10-1821:17:00

PRIOn knowledge base

www.prio-n.com

7.7 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

61.5%

JSON

Multiple cross-site request forgery (CSRF) vulnerabilities in Simple PHP Blog (SPHPBlog) 0.4.9 allow remote attackers to perform delete actions as administrators via (1) the block_id parameter to add_block.php or (2) the link_id parameter to add_link.php.

CPENameOperatorVersion
sphpblogeq0.4.9

CPE	Name	Operator	Version
	sphpblog	eq	0.4.9

References

hackish.altervista.org/forum/viewtopic.php?t=221

secunia.com/advisories/27264

www.securityfocus.com/archive/1/482422/100/0/threaded

exchange.xforce.ibmcloud.com/vulnerabilities/37238

exchange.xforce.ibmcloud.com/vulnerabilities/37239