PT-2007-2910 · Php Nuke · Php-Nuke
Name of the Vulnerable Software and Affected Versions: PHP-Nuke versions 8.0 and earlier Description: The issue concerns a problem with cross-site request forgery CSRF protection. It does not properly validate the HTTP REFERER, allowing remote attackers to conduct CSRF attacks. Recommendations: F...