CVE Vulnerabilities

CVE-2004-2364

Published: Dec 31, 2004 | Modified: Apr 03, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

Cross-site request forgery (CSRF) vulnerability in PHPX 3.0 through 3.2.6 allows remote attackers to execute arbitrary commands via URLs that are automatically executed on behalf of the administrator, as demonstrated using (1) admin/page.php, (2) admin/news.php, (3) admin/user.php, (4) admin/images.php, (5) admin/page.php, or (6) admin/forums.php.

Affected Software

Name Vendor Start Version End Version
Phpx Phpx 3.0.0 (including) 3.0.0 (including)
Phpx Phpx 3.0.1 (including) 3.0.1 (including)
Phpx Phpx 3.0.2 (including) 3.0.2 (including)
Phpx Phpx 3.0.3 (including) 3.0.3 (including)
Phpx Phpx 3.0.4 (including) 3.0.4 (including)
Phpx Phpx 3.0.5 (including) 3.0.5 (including)
Phpx Phpx 3.0.6 (including) 3.0.6 (including)
Phpx Phpx 3.0.7 (including) 3.0.7 (including)
Phpx Phpx 3.1.0 (including) 3.1.0 (including)
Phpx Phpx 3.1.1 (including) 3.1.1 (including)
Phpx Phpx 3.1.2 (including) 3.1.2 (including)
Phpx Phpx 3.1.3 (including) 3.1.3 (including)
Phpx Phpx 3.1.4 (including) 3.1.4 (including)
Phpx Phpx 3.2.0 (including) 3.2.0 (including)
Phpx Phpx 3.2.1 (including) 3.2.1 (including)
Phpx Phpx 3.2.2 (including) 3.2.2 (including)
Phpx Phpx 3.2.3 (including) 3.2.3 (including)
Phpx Phpx 3.2.4 (including) 3.2.4 (including)
Phpx Phpx 3.2.5 (including) 3.2.5 (including)
Phpx Phpx 3.2.6 (including) 3.2.6 (including)

References