Vulnerabilities > CVE-2006-3272 - Cross-Site Request Forgery vulnerability in Astrodog Press Some Chess 1.5Rc2

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

astrodog-press

NVD

Published: 2006-06-28

Updated: 2017-07-20

Summary

Cross-site request forgery (CSRF) vulnerability in menu.php in Some Chess 1.5 rc2 allows remote attackers to conduct actions as another user, such as changing usernames and passwords, via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained from third party information.

Vulnerable Configurations

Part	Description	Count
Application	Astrodog_Press Astrodog Press Some Chess 1.5_Rc2	1

References

http://secunia.com/advisories/20770
https://exchange.xforce.ibmcloud.com/vulnerabilities/27307