2 matches found
CVE-2007-1520
The cross-site request forgery CSRF protection in PHP-Nuke 8.0 and earlier does not ensure the SERVER superglobal is an array before validating the HTTPREFERER, which allows remote attackers to conduct CSRF attacks...
CVE-2007-1520
The CVE-2007-1520 issue affects PHP-Nuke 8.0 and earlier, where CSRF protection fails to verify that the SERVER superglobal is an array before validating HTTP_REFERER. This logic flaw enables CSRF attacks against vulnerable PHP-Nuke installations. The vulnerability is described in multiple source...