Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4193


Vulnerability Score 4.3 4.3
CVE Id CVE-2007-4193
Last Modified 07 Mar 2011 09:57:57
Published 07 Aug 2007 09:17:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



Multiple cross-site request forgery (CSRF) vulnerabilities in index.php in IDE Group DVD Rental System (DRS) 5.1 before 20070801 allow remote attackers to perform certain actions as arbitrary users, as demonstrated by (1) modifying data or (2) canceling a subscription. NOTE: it is not clear whether IDE Group updates all DRS installations in its role as an application service provider. If so, then this issue should not be included in CVE.

Vulnerable Systems


  • Ide Group Dvd Rental System Drs 5.1


VUPEN - ADV-2007-2806

OSVDB - 39523

FULLDISC - 20070802 DVD Rental System multiple XSS and CSRF vulnerabilities

XF - drs-index-csrf(35769)

SECUNIA - 26310

Last Updated: 27 May 2016 10:45:48