CVE-2010-5319
The CVE-2010-5319 entry describes three CSRF flaws in Kandidat CMS 1.4.2 that allow an attacker to hijack administrator authentication to perform actions: (1) change settings via a validate action to admin/settings.php, (2) modify pages via the what parameter to admin/edit.php, and (3) modify art...