Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0266


Vulnerability Score 2.6 2.6
CVE Id CVE-2008-0266
Last Modified 05 Sep 2008 05:34:37
Published 15 Jan 2008 03:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE



Cross-site request forgery (CSRF) vulnerability in admin.php in eTicket allows remote attackers to change the administrative password and possibly perform other administrative tasks. NOTE: either the old password must be known, or the attacker must leverage a separate SQL injection vulnerability.

Vulnerable Systems


  • Eticket


XF - eticket-admin-csrf(39490)

BID - 27173

BUGTRAQ - 20080106 eTicket Multiple Vulnerabilities

SECUNIA - 28331

SREASON - 3542

Last Updated: 27 May 2016 10:46:44