Cross site request forgery (csrf)

2008-12-1901:52:00

PRIOn knowledge base

www.prio-n.com

7.9 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

52.6%

JSON

Multiple cross-site request forgery (CSRF) vulnerabilities in PHParanoid before 0.4 allow remote attackers to hijack the authentication of arbitrary users for requests that use (1) admin.php or (2) private messages.

CPENameOperatorVersion
phparanoideq0.2
phparanoidle0.3
phparanoideq0.1

Name	Operator	Version
phparanoid	eq	0.2
phparanoid	le	0.3
phparanoid	eq	0.1

References

secunia.com/advisories/28847

sourceforge.net/project/shownotes.php?release_id=575358

exchange.xforce.ibmcloud.com/vulnerabilities/40518