Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4734

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-4734
Last Modified 29 Jan 2009 01:57:18
Published 24 Oct 2008 06:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-4734

Summary

Cross-site request forgery (CSRF) vulnerability in the wpcr_do_options_page function in WP Comment Remix plugin before 1.4.4 for WordPress allows remote attackers to perform unauthorized actions as administrators via a request that sets the wpcr_hidden_form_input parameter.

Vulnerable Systems

Application

  • Pressography Wp Comment Remix Plugin 1.4

  • Pressography Wp Comment Remix Plugin 1.4.3


References

XF - wpcommentremix-http-csrf(45862)

BUGTRAQ - 20081014 WP Comment Remix 1.4.3 Multiple Vulnerabilities

SREASON - 4492

SECUNIA - 32253

MISC - http://chxsecurity.org/advisories/adv-3-full.txt


Last Updated: 27 May 2016 10:48:36