CVE-2004-2364

Cross-site request forgery (CSRF) vulnerability in PHPX 3.0 through 3.2.6 allows remote attackers to execute arbitrary commands via URLs that are automatically executed on behalf of the administrator, as demonstrated using (1) admin/page.php, (2) admin/news.php, (3) admin/user.php, (4) admin/images.php, (5) admin/page.php, or (6) admin/forums.php.

Published : 2004-12-31 05:00 Updated : 2008-09-05 20:43

5.0
CVSS Score More info
Score 5.0 / 10
5.0
Vendor Product Version URI
Phpx Phpx 3.0.0 cpe:/a:phpx:phpx:3.0.0
Phpx Phpx 3.0.4 cpe:/a:phpx:phpx:3.0.4
Phpx Phpx 3.1.3 cpe:/a:phpx:phpx:3.1.3
Phpx Phpx 3.2.2 cpe:/a:phpx:phpx:3.2.2
Phpx Phpx 3.0.3 cpe:/a:phpx:phpx:3.0.3
Phpx Phpx 3.1.2 cpe:/a:phpx:phpx:3.1.2
Phpx Phpx 3.2.1 cpe:/a:phpx:phpx:3.2.1
Phpx Phpx 3.0.6 cpe:/a:phpx:phpx:3.0.6
Phpx Phpx 3.2.4 cpe:/a:phpx:phpx:3.2.4
Phpx Phpx 3.0.5 cpe:/a:phpx:phpx:3.0.5
Phpx Phpx 3.1.4 cpe:/a:phpx:phpx:3.1.4
Phpx Phpx 3.2.3 cpe:/a:phpx:phpx:3.2.3
Phpx Phpx 3.2.6 cpe:/a:phpx:phpx:3.2.6
Phpx Phpx 3.0.7 cpe:/a:phpx:phpx:3.0.7
Phpx Phpx 3.2.5 cpe:/a:phpx:phpx:3.2.5
Phpx Phpx 3.0.2 cpe:/a:phpx:phpx:3.0.2
Phpx Phpx 3.1.1 cpe:/a:phpx:phpx:3.1.1
Phpx Phpx 3.2.0 cpe:/a:phpx:phpx:3.2.0
Phpx Phpx 3.0.1 cpe:/a:phpx:phpx:3.0.1
Phpx Phpx 3.1.0 cpe:/a:phpx:phpx:3.1.0
  1. Phpx (1) Search CVE
    1. Phpx (20) Search CVE
      1. 3.0.0
      2. 3.0.4
      3. 3.1.3
      4. 3.2.2
      5. 3.0.3
      6. 3.1.2
      7. 3.2.1
      8. 3.0.6
      9. 3.2.4
      10. 3.0.5
      11. 3.1.4
      12. 3.2.3
      13. 3.2.6
      14. 3.0.7
      15. 3.2.5
      16. 3.0.2
      17. 3.1.1
      18. 3.2.0
      19. 3.0.1
      20. 3.1.0

CWE

There is no CWE for this CVE.

History of changes

Date Event
2004-12-31 05:00

New CVE