CVE-2006-3479
The CVE describes a Cross-site Request Forgery (CSRF) bug in Nuked-Klan before and including 1.7 SP4.2. The del_block function in modules/Admin/block.php is vulnerable; a remote attacker can delete arbitrary blocks by following a crafted link that alters the bid parameter in a del_block operation...