2 matches found
CVE-2009-0969
Cross-site request forgery CSRF vulnerability in account/settings/account/index.php in phpFoX 1.6.21 allows remote attackers to hijack the authentication of administrators for requests that change the email address via the actupdate action...
CVE-2009-0969
Summary: CVE-2009-0969 is a cross-site request forgery (CSRF) vulnerability in phpFoX 1.6.21, affecting the file account/settings/account/index.php. The issue enables remote attackers to hijack administrator sessions to perform actions that change the administrator email address via the act[updat...