Multiple cross-site request forgery (CSRF) vulnerabilities in (1) addaddress.php, (2) toggleignore.php, (3) removeignore.php, and (4) removeaddress.php in Infopop UBB.Threads before 6.5.2 Beta allow remote attackers to modify settings as another user via a link or IMG tag.
References
Link | Resource |
---|---|
http://www.gulftech.org/?node=research&article_id=00084-06232005 | Exploit Patch Vendor Advisory |
http://www.ubbcentral.com/boards/showflat.php/Cat/0/Number/42351/Main/42351/#Post42351 | Patch |
http://marc.info/?l=bugtraq&m=111963737202040&w=2 |
Configurations
Configuration 1 (hide)
|
Information
Published : 2005-06-28 21:00
Updated : 2016-10-17 20:24
NVD link : CVE-2005-2059
Mitre link : CVE-2005-2059
JSON object : View
CWE
Products Affected
ubbcentral
- ubb.threads