Filtered by vendor Phparanoid
Subscribe
Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-5672 | 1 Phparanoid | 1 Phparanoid | 2017-08-07 | 6.8 MEDIUM | N/A |
Multiple cross-site request forgery (CSRF) vulnerabilities in PHParanoid before 0.4 allow remote attackers to hijack the authentication of arbitrary users for requests that use (1) admin.php or (2) private messages. | |||||
CVE-2008-5673 | 1 Phparanoid | 1 Phparanoid | 2017-08-07 | 6.5 MEDIUM | N/A |
PHParanoid before 0.4 does not properly restrict access to the members area by unauthenticated users, which has unknown impact and remote attack vectors. | |||||
CVE-2008-5758 | 1 Phparanoid | 1 Phparanoid | 2017-08-07 | 6.8 MEDIUM | N/A |
Cross-site request forgery (CSRF) vulnerability in PHParanoid before 0.5 allows remote attackers to perform unspecified actions as authenticated users via unknown vectors related to private messages. |