Lucene search
PRIOn knowledge basePRION:CVE-2011-0535HistoryFeb 08, 2011 - 10:00 p.m.
Cross site request forgery (csrf)
2011-02-0822:00:00
PRIOn knowledge base
www.prio-n.com
3
Cross-site request forgery (CSRF) vulnerability in the Users module in Zikula before 1.2.5 allows remote attackers to hijack the authentication of administrators for requests that change account privileges via an edit access_permissions action to index.php.
References
bl0g.yehg.net/2011/02/zikula-cms-124-cross-site-request.html
code.zikula.org/core12/browser/tags/Zikula-1.2.5/src/docs/CHANGELOG
community.zikula.org/index.php?module=News&func=display&sid=3041&title=zikula-1.2.5-released
openwall.com/lists/oss-security/2011/02/01/1
openwall.com/lists/oss-security/2011/02/03/1
seclists.org/fulldisclosure/2011/Feb/0
secunia.com/advisories/43114
securityreason.com/securityalert/8067
www.osvdb.org/70751
Related
cve
cve
CVE-2011-0535
2011-02-08 22:00:01
CVE-2011-0911
2022-10-03 16:15:21
nvd
nvd
CVE-2011-0535
2011-02-08 22:00:01
CVE-2011-0911
2011-02-08 22:00:02
cvelist
cvelist
CVE-2011-0535
2011-02-08 21:00:00
CVE-2011-0911
2022-10-03 16:15:21
openvas
openvas
Zikula CMS CSRF Vulnerability
2011-02-07 00:00:00
Zikula CMS CSRF Vulnerability
2011-02-07 00:00:00
prion
prion
Cross site scripting
2011-02-08 22:00:00