Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-1947

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-1947
Last Modified 05 Sep 2008 04:50:29
Published 09 Jun 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-1947

Summary

Cross-site request forgery (CSRF) vulnerability in Invision Gallery before 1.3.1 allows remote attackers to delete albums and images as another user via a link or IMG tag to the (1) albums or (2) delimg actions.

Vulnerable Systems

Application

  • Invision Power Services Invision Gallery 1.0.1

  • Invision Power Services Invision Gallery 1.3


References

MISC - http://www.gulftech.org/?node=research&article_id=00079-06092005

BUGTRAQ - 20050609 Invision Gallery Vulnerabilities


Last Updated: 27 May 2016 10:40:21