Multiple cross-site request forgery (CSRF) vulnerabilities in PHParanoid before 0.4 allow remote attackers to hijack the authentication of arbitrary users for requests that use (1) admin.php or (2) private messages.
CPE | Name | Operator | Version |
---|---|---|---|
phparanoid | eq | 0.2 | |
phparanoid | le | 0.3 | |
phparanoid | eq | 0.1 |