Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5917

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2007-5917
Last Modified 05 Sep 2008 05:31:55
Published 09 Nov 2007 09:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-5917

Summary

Cross-site request forgery (CSRF) vulnerability in admin/admin_account.php in Skalinks 1.5 and earlier allows remote attackers to add arbitrary privileged accounts as administrators via the admin_name, admin_password, admin_type, and Add_admin parameters.

Vulnerable Systems

Application

  • Skalinks 1.5


References

XF - skalinks-adminaccount-csrf(38286)

BUGTRAQ - 20071103 Skalinks <= 1_5 Cross Site Request Forgery Add Admin

MISC - http://www.hackinginside.altervista.org/bug/skalinks_1_5_csrf.txt

SECUNIA - 27532

SREASON - 3356


Last Updated: 27 May 2016 10:46:19