CVE-2004-2364
CVE-2004-2364
Cross-site request forgery (CSRF) vulnerability in PHPX 3.0 through 3.2.6 allows remote attackers to execute arbitrary commands via URLs that are automatically executed on behalf of the administrator, as demonstrated using (1) admin/page.php, (2) admin/news.php, (3) admin/user.php, (4) admin/images.php, (5) admin/page.php, or (6) admin/forums.php.
Productos afectados
n/a · n/aPoCs públicas encontradas — 6
exploitdbwww.exploit-db.com/exploits/24092no verificadoexploitdbwww.exploit-db.com/exploits/24091no verificadoexploitdbwww.exploit-db.com/exploits/24089no verificadoexploitdbwww.exploit-db.com/exploits/24088no verificadoexploitdbwww.exploit-db.com/exploits/24090no verificadoexploitdbwww.exploit-db.com/exploits/43812no verificado⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
http://secunia.com/advisories/11554http://securitytracker.com/id?1010061http://www.osvdb.org/5907http://www.osvdb.org/5908http://www.osvdb.org/5909http://www.osvdb.org/5910http://www.osvdb.org/5911http://www.phpx.org/project.php?action=view&project_id=1http://www.securityfocus.com/archive/1/362230http://www.securityfocus.com/bid/10284